@ifelsedeveloper/protocol-contracts-svm-idl
MAL-2025-191235
npmmalware11/24/2025
Description
Malicious code in @ifelsedeveloper/protocol-contracts-svm-idl (npm)
Indicators of Compromise
SHA256 Hashes (4)
01f36e2d64aff8cffe6ef41587baca6abe0e1839fef0925a7e72c5b3c8f9ac66
f61e07701985e8f99d578845d6823da07c87bf03efc6afae27e6282a890520ce
dd130cc8248982ebd1e7e043ae67c7d32e9c0d7024c47f51d5af0e9fa1c12c29
0ebad94575bfb2cd8fa2b2a983de3033efaa17be2302b268c8c285d4de8ce9b0
References (4)
https://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSVhttps://github.com/advisories/GHSA-xgj5-84xr-63rmOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-xgj5-84xr-63rm
Quick Actions