Ensdomains is a organization tracked across 2 threat clusters and 1 intelligence report mention on ThreatCluster. First observed November 24, 2025; most recent activity November 24, 2025.
Ensdomains is identified as a target in a recent operation attributed to the threat actor Shai Hulud, with Zapier also cited as a victim. The report frames Ensdomains as part of a broader focus on cloud/SaaS platforms and domain-related services, highlighting the ongoing risk to automation workflows and domain infrastructure in cybersecurity.
The Shai Hulud worm has compromised more than 26,000 public repositories in a supply chain attack. The attack targeted various npm packages, exploiting vulnerabilities that allowed unauthorized access to these…
A new wave of the Shai-Hulud malware has compromised nearly 500 npm packages, affecting over 26,000 GitHub repositories. This self-replicating worm, which targets developers' credentials and secrets, has been linked to…