github-action-for-generator
MAL-2025-190845
npmmalware11/24/2025
Description
Malicious code in github-action-for-generator (npm)
Indicators of Compromise
SHA256 Hashes (5)
f113ada2d15b58b0f4d27cf7554da50cc65dcdfc103616cd54e31b2a77f6d867
456b535e2ac0dbf2257fbb995ee5d72a53c3cfc544a0c9fb477f0c7eb20477d1
597aa3cf8958fae580a08b96dfdf363725ef3409f2a1c962b1706888d454fa03
45d3f617460c732c1416984e1544e5b96c47ff933b78ba386532b22276cc7cbf
7b020c3058b2a7560a89a5cc742fb77bec0a7d5a2067d4f4371463c52ef14913
References (4)
https://github.com/advisories/GHSA-r948-2g4j-wcwxOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-r948-2g4j-wcwx
Quick Actions