n8n-nodes-vercel-ai-sdk
MAL-2025-190977
npmmalware11/24/2025
Description
Malicious code in n8n-nodes-vercel-ai-sdk (npm)
Indicators of Compromise
SHA256 Hashes (3)
ce1491d3803ad3ab2b69f29bf0f2cf175c4e5646e036a5398ffb3162dabfb09c
4e3e7549add420dd6e29fcc100779e22f42e36e3d6a194d64ac5cefe5a764971
fbf08581fc5a92ddea401c1962f696ee83e757066a207640e1b719be5794a3a7
References (4)
https://github.com/advisories/GHSA-f422-9v6v-3mm2OSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-f422-9v6v-3mm2
Quick Actions