south-african-id-info
MAL-2025-191012
npmmalware11/24/2025
Description
Malicious code in south-african-id-info (npm)
Indicators of Compromise
SHA256 Hashes (3)
a13e2fd6f56a4e92c384c686564aab3ba29d9b6ef81d7388d4f7f79f571c67ad
e086352ee820c350aadcfbcb3d69f34586e6a94ec2237005a12cf89a4b6091ba
5f79cdd1379262a163afe2bb49e52445bcb9f52d23b5f30f0a11d0cb55499e0d
References (4)
https://github.com/advisories/GHSA-96x7-jx8q-5h3cOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-96x7-jx8q-5h3c
Quick Actions