react-micromodal.js
MAL-2025-190994
npmmalware11/24/2025
Description
Malicious code in react-micromodal.js (npm)
Indicators of Compromise
SHA256 Hashes (3)
906d62ad9bc51509985322e73f17a173e01237cfe35844d4920becf0f95d13e5
72c47d6320b68db78fcdfb03b66cfb7cf38551d4e38c7b6442b41a1863406d2f
a210a707cd5501b982cad6e5fa38a52c3016bcb7cbb420aba1152eb36c9bd05c
References (4)
https://github.com/advisories/GHSA-96h8-wqrc-f85wOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-96h8-wqrc-f85w
Quick Actions