@trigo/hapi-auth-signedlink
MAL-2025-190829
npmmalware11/24/2025
Description
Malicious code in @trigo/hapi-auth-signedlink (npm)
Indicators of Compromise
SHA256 Hashes (4)
2c6bc7d58766fead811090a6a02e98e0f56a2ce4c01b41f012b9860a4e1df4a0
bed6824ae90bafaade2c426612b295defed6107b61296445aa2d1d728729c23b
1bb7f2b7b5d1c6d104e06a7f5572e0ee02058f618c7cedc46e48465cdc3829aa
e68645054f1d14a1882a56ab3b58d098352cdb92ee8dd0983119a2f9386b62e5
References (4)
https://github.com/advisories/GHSA-r7h6-h82f-pw8fOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-r7h6-h82f-pw8f
Quick Actions