{ "type": "bundle", "id": "bundle--4bd234b7-db99-4478-8031-8dc6ee798183", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--a96f8bbb-0501-4026-a441-edfe31375afa", "created": "2025-12-03T00:51:50.222128Z", "modified": "2025-12-03T00:53:40.15867Z", "name": "OSM", "identity_class": "organization" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--f1ac3efa-e16f-4f43-90c3-a133d583b0a2", "value": "audit.checkmarx.cx" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--517f1d6a-514b-592b-8216-43a310ad6d08", "created": "2026-06-24T16:52:41.538921Z", "modified": "2026-06-24T16:52:41.538921Z", "name": "ContagiousInterview" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b", "created": "2026-06-24T16:52:41.543977Z", "modified": "2026-06-24T16:52:41.543977Z", "name": "Lazarus" }, { "type": "report", "spec_version": "2.1", "id": "report--fb10c4c5-d760-47ea-b839-443e3b65c008", "created_by_ref": "identity--a96f8bbb-0501-4026-a441-edfe31375afa", "created": "2026-06-24T16:52:41.549138Z", "modified": "2026-06-24T16:52:41.549138Z", "name": "How malware abuses npm lifecycle scripts and VS Code tasks", "published": "2026-05-14T00:00:00Z", "object_refs": [ "identity--a96f8bbb-0501-4026-a441-edfe31375afa", "domain-name--f1ac3efa-e16f-4f43-90c3-a133d583b0a2", "threat-actor--517f1d6a-514b-592b-8216-43a310ad6d08", "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b" ], "external_references": [ { "source_name": "source", "url": "https://opensourcemalware.com/blog/malware-abuses-vscode-lifecycle-scripts" } ] } ] }