uniswap-test-sdk-core
MAL-2025-191443
npmmalware11/24/2025
Description
Malicious code in uniswap-test-sdk-core (npm)
Indicators of Compromise
SHA256 Hashes (3)
1651a056b320e2080b57505df7c323c160b7e8c8566e9b1177b1b38f34e9bca8
7c38e71c1e2aedb3a53222bf123d556fc0a971a3352751fe3abddeb272c11503
fe6b79cd83b108da1a067e001b5ee8a12f6b2b75ef559b4fca893dc2029eb1b6
References (4)
https://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSVhttps://github.com/advisories/GHSA-ccph-p2q2-gx2pOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-ccph-p2q2-gx2p
Quick Actions