react-native-worklet-functions
MAL-2025-190857
npmmalware11/24/2025
Description
Malicious code in react-native-worklet-functions (npm)
Indicators of Compromise
SHA256 Hashes (3)
258c6a5e2787aecf0d01e1543f4d4b0579d60ee9996d00ca981ee7445fcfabb8
6ed2ae3214c7915580ec4f119fc2fc1ee0e071e2deea48ef419973982180aa9c
3333c2f7f0afde0849f1168ff92babe53f636935f1f5a958120d5e6715c0f2af
References (4)
https://github.com/advisories/GHSA-gqg6-r9cg-42hhOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-gqg6-r9cg-42hh
Quick Actions