gitsafe
MAL-2025-191104
npmmalware11/24/2025
Description
Malicious code in gitsafe (npm)
Indicators of Compromise
SHA256 Hashes (3)
9452f81203482947db7c464bd8a2250d768724dc16837b1e6d56b5c561b343ed
2b037dc2ad33e23c63883eb1961113ca24af5b4aa35f58669c30032ddd52b3c5
35755a0fed2224e2746cd32f8d78ac75980b4669f74e99603a5420f45712cfb9
References (4)
https://github.com/advisories/GHSA-c2q8-fv4h-m9xrOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-c2q8-fv4h-m9xr
Quick Actions