@actbase/react-native-kakao-channel contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

@actbase/react-native-tiktok contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

@actbase/react-native-fast-image contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

MAL-2025-190793 Malicious code in @actbase/react-native-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6903aaa72b2c62de00654968d7729b4fd07bfa78bf68f14c1ee924f6c5dde9c2 The package @actbase/react-native-devtools was found to contain malicious code. Source: ghsa-malware...

Malicious code in @actbase/react-native-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6903aaa72b2c62de00654968d7729b4fd07bfa78bf68f14c1ee924f6c5dde9c2 The package @actbase/react-native-devtools was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-198883

Malicious code in @actbase/react-native-kakao-channel npm...

MAL-2025-190709 Malicious code in @actbase/react-native-fast-image (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7879bec5ae80ecf74326a88c3b01895fe758fa9ddd7e9375e187588383eac0ee The package @actbase/react-native-fast-image was found to contain malicious code. Source: ghsa-malware...

Malicious code in @actbase/react-native-less-transformer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06f669b015d3df7c500b192e927f2890c45ad45dafa608100da2146dca598efa The package @actbase/react-native-less-transformer was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190710 Malicious code in @actbase/react-native-less-transformer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06f669b015d3df7c500b192e927f2890c45ad45dafa608100da2146dca598efa The package @actbase/react-native-less-transformer was found to contain malicious code. Source: ghsa-malware...