@mparpaillon/connector-parse
MAL-2025-190870
npmmalware11/24/2025
Description
Malicious code in @mparpaillon/connector-parse (npm)
Indicators of Compromise
SHA256 Hashes (2)
ffec89e4bd3b2d309b636261098474ed4816b5b9bd40872855c24c082de3666c
fd0b144ccf46c26b573ad6529c660984a3c361d857bd2f3c0866845d1304443f
References (5)
https://www.mend.io/blog/shai-hulud-the-second-comingOSVhttps://checkmarx.com/zero-post/shai-huluds-second-coming-npm-malware-attack-evolvedOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.veracode.com/blog/return-of-the-shai-hulud-wormOSVhttps://www.reversinglabs.com/blog/another-shai-hulud-npm-worm-is-spreading-heres-what-you-need-to-knowOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Quick Actions