@ntnx/t
MAL-2025-191036
npmmalware11/24/2025
Description
Malicious code in @ntnx/t (npm)
Indicators of Compromise
SHA256 Hashes (4)
a56d53a5cf562204b62c1283f7cc997da367c0eb1cd09c913dcedbe5469bff6e
d6c865e873520d94446f7b67f414619c4cc93ea5be524b6c1b05ce9fc13e18cb
2865f9cc29095e84318d97631a2242512c5361ad8d820cd6212a8cb06417c92a
dd9742b34d565fe5801c75c8d86f4dbd454a577258364afafcdeac08ef1ae60d
References (9)
https://github.com/advisories/GHSA-96fq-r78c-hx8xOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSVhttps://socket.dev/blog/shai-hulud-strikes-again-v2OSVhttps://checkmarx.com/zero-post/shai-huluds-second-coming-npm-malware-attack-evolvedOSVhttps://www.reversinglabs.com/blog/another-shai-hulud-npm-worm-is-spreading-heres-what-you-need-to-knowOSVhttps://www.koi.ai/incident/live-updates-sha1-hulud-the-second-coming-hundred-npm-packages-compromisedOSVhttps://research.jfrog.com/post/shai-hulud-the-second-comingOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-96fq-r78c-hx8x
Quick Actions