@quick-start-soft/quick-document-translator
MAL-2025-190819
npmmalware11/24/2025
Description
Malicious code in @quick-start-soft/quick-document-translator (npm)
Indicators of Compromise
SHA256 Hashes (4)
d5e135d27f489db045718d0e317c122528b695786c5b0d76e7c3a16f237691ba
4837747658fccdc13c30d5359ffe43e237536140e50412ba0126afa5d6d8e301
5daf364b95271cf0e8df6bbf9b6f95e247622760e09bff2b21597b3dc2ba43db
021c0b9cecc069855362ef1a1d5ffadc5d888d8239588b7b61aa2a396648ce2a
References (4)
https://github.com/advisories/GHSA-wjpv-3759-qmc5OSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-wjpv-3759-qmc5
Quick Actions