@alexadark/gatsby-theme-events
MAL-2025-191182
npmmalware11/25/2025
Description
Malicious code in @alexadark/gatsby-theme-events (npm)
Indicators of Compromise
SHA256 Hashes (3)
cb173f0171c1e09d22f4d8908547249932fb9e59a24fb232a106c13ee114c070
a4f2f7b1c239d2c4eeb3d27da5cafadc9ccfb31d380c13bda3992c00a3a275b3
8516b639c9bdcc54192b6e206090c381522d0f48987715c16f5c68a90ca3b8f4
References (4)
https://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSVhttps://github.com/advisories/GHSA-fvh8-qv4r-rcffOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/25/2025
Aliases
GHSA-fvh8-qv4r-rcff
Quick Actions