web-types-htmx
MAL-2025-191153
npmmalware11/24/2025
Description
Malicious code in web-types-htmx (npm)
Indicators of Compromise
SHA256 Hashes (3)
07877f867a5e18001cab22b77adf1b5bf737045f63a8ba9a2471208dde03f072
33291d918b3035975214c3b2109bb5f5554ef58b2d0283b826a1e0637471d6c7
999540b3b5a1066e399c44ecf2f220a5318cdea88dea33416c1a3c55bcf80fb7
References (4)
https://github.com/advisories/GHSA-958x-98wv-7f7jOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-958x-98wv-7f7j
Quick Actions