@voiceflow/exception
MAL-2025-191347
npmmalware11/25/2025
Description
Malicious code in @voiceflow/exception (npm)
Indicators of Compromise
SHA256 Hashes (3)
29530e3509a532ae386aab9a3f781c63a749ff235406e6e7ea1de3b36a163969
3494a264b1e2c6d06676dbfdaa8b0d8062dbc63b6f8566e534767d285b735727
2eb8d68b66e59da1a4b42db0ac46ad31c940a051f6d6da86d55cd0ad7ac3f33b
References (4)
https://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSVhttps://github.com/advisories/GHSA-q7cp-f4mj-8m39OSV
Details
Ecosystemnpm
Attack Typemalware
Published11/25/2025
Aliases
GHSA-q7cp-f4mj-8m39
Quick Actions