{ "type": "bundle", "id": "bundle--cd1dd91f-d1ce-44da-8d55-38e34e0d1c13", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--a96f8bbb-0501-4026-a441-edfe31375afa", "created": "2025-12-03T00:51:50.222128Z", "modified": "2025-12-03T00:53:40.15867Z", "name": "OSM", "identity_class": "organization" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--e9e7ae04-1d88-4e21-9189-65d5168fe661", "value": "18.208.244.120" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--9915c9bf-525f-4f00-a266-524e57912f79", "value": "sfrclak.com" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--794180bf-52c3-45df-bf94-6810144b7a2f", "value": "142.11.206.73" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--b1fc54ae-4fb3-5833-9e0f-4873d16620f8", "created": "2026-06-24T21:08:50.246287Z", "modified": "2026-06-24T21:08:50.246287Z", "name": "UNC1069" }, { "type": "report", "spec_version": "2.1", "id": "report--9bf80f29-e997-4317-be12-24811beb7b16", "created_by_ref": "identity--a96f8bbb-0501-4026-a441-edfe31375afa", "created": "2026-06-24T21:08:50.249101Z", "modified": "2026-06-24T21:08:50.249101Z", "name": "Axios attacker strikes again! Three NPM packages have been hiding in plain sight for two months", "published": "2026-05-19T00:00:00Z", "object_refs": [ "identity--a96f8bbb-0501-4026-a441-edfe31375afa", "ipv4-addr--e9e7ae04-1d88-4e21-9189-65d5168fe661", "domain-name--9915c9bf-525f-4f00-a266-524e57912f79", "ipv4-addr--794180bf-52c3-45df-bf94-6810144b7a2f", "threat-actor--b1fc54ae-4fb3-5833-9e0f-4873d16620f8" ], "external_references": [ { "source_name": "source", "url": "https://opensourcemalware.com/blog/axios-attacker-additional-npm-packages" } ] } ] }