jan-browser
MAL-2025-190847
npmmalware11/24/2025
Description
Malicious code in jan-browser (npm)
Indicators of Compromise
SHA256 Hashes (3)
a3954e4e8e77c870bfc41cd61410400a2f7ba85ce1d56123f2e672f63543e6e1
6061d20158eb6f2952932cac8bd818201360f36f2a4fd989357c12400c58a49b
88d7b60d0a0cd9cf4a6e4981157939e3616f0d02c953c60130dc759637bac5b6
References (4)
https://github.com/advisories/GHSA-6jqc-mw3x-g53gOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-6jqc-mw3x-g53g
Quick Actions