csv-tool-cli
MAL-2025-191084
npmmalware11/24/2025
Description
Malicious code in csv-tool-cli (npm)
Indicators of Compromise
SHA256 Hashes (3)
7a82657ae868943eebe70053efe5b50087b24ce2a81a2c5eccca35dcb483a1f2
3ddc139d43b6a7b980e5748618e29b1914f69809d3767a242bd1f3fa7a7ebe0b
4710ebc34f0c5b28d34c41d165d2fff2c6ea04e90038226c7b328283319dd2a4
References (4)
https://github.com/advisories/GHSA-9qmf-jjv3-65x3OSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-9qmf-jjv3-65x3
Quick Actions