babel-preset-kinvey-flex-service
MAL-2025-191069
npmmalware11/24/2025
Description
Malicious code in babel-preset-kinvey-flex-service (npm)
Indicators of Compromise
SHA256 Hashes (3)
687c3986ebb58be81ff2cffbf4beaf3303f9396beecacbf8eaab8983cb350954
73a0e431e7dec9aa734048ca70ad424140f4ccb7ccd17d79b03bd6c55e2d7390
95227fb68cd76580469df042e11e087ac694eaf2d50c6ac95514edcaee6056a4
References (4)
https://github.com/advisories/GHSA-c8pf-4gvg-m3qjOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-c8pf-4gvg-m3qj
Quick Actions