{ "type": "bundle", "id": "bundle--2d65f8fb-6613-4d3d-ba39-1adf5400f651", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--a5882289-a378-468a-83db-d6aadb5937d7", "created": "2025-01-31T09:24:41.436802Z", "modified": "2025-01-31T09:32:25.332836Z", "name": "Socket", "identity_class": "organization" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--b1335896-cf92-48d9-ae8e-565e33de4db5", "value": "172.86.84.38" }, { "type": "file", "spec_version": "2.1", "id": "file--b911f1ef-86d9-46c8-8228-ba7f2f2bb8c7", "hashes": { "SHA-256": "6a104f07ab6c5711b6bc8bf6ff956ab8cd597a388002a966e980c5ec9678b5b0" } }, { "type": "email-addr", "spec_version": "2.1", "id": "email-addr--b75d94b2-f4b8-47f9-972b-e824932bb5a6", "value": "ricardoalexis0629@gmail.com" }, { "type": "email-addr", "spec_version": "2.1", "id": "email-addr--6d89e80e-49a0-4159-a9e5-d7f4b3ad2970", "value": "edanjohn1991@gmail.com" }, { "type": "email-addr", "spec_version": "2.1", "id": "email-addr--2178c2c7-72d3-4d45-9511-65b5373b7069", "value": "hottblaze012@gmail.com" }, { "type": "email-addr", "spec_version": "2.1", "id": "email-addr--a69730a0-4123-49e1-af25-ef57473a1c9f", "value": "alextucker@softworldnet.com" }, { "type": "email-addr", "spec_version": "2.1", "id": "email-addr--6a42363c-de43-466f-a7ed-cf5f892cd81b", "value": "robustplutus@gmail.com" }, { "type": "email-addr", "spec_version": "2.1", "id": "email-addr--6ab76c3f-c710-4ae9-abd1-b958df635b7b", "value": "elondavid888@gmail.com" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--13837376-0535-4c16-b15d-7363eb09a870", "value": "softworldnet.com" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b", "created": "2026-06-24T23:56:24.96082Z", "modified": "2026-06-24T23:56:24.96082Z", "name": "Lazarus" }, { "type": "report", "spec_version": "2.1", "id": "report--1adade42-66cd-4d9b-94e7-dbc03ea5938b", "created_by_ref": "identity--a5882289-a378-468a-83db-d6aadb5937d7", "created": "2026-06-24T23:56:24.982556Z", "modified": "2026-06-24T23:56:24.982556Z", "name": "Lazarus Strikes npm Again with New Wave of Malicious Package", "published": "2025-03-10T00:00:00Z", "object_refs": [ "identity--a5882289-a378-468a-83db-d6aadb5937d7", "ipv4-addr--b1335896-cf92-48d9-ae8e-565e33de4db5", "file--b911f1ef-86d9-46c8-8228-ba7f2f2bb8c7", "email-addr--b75d94b2-f4b8-47f9-972b-e824932bb5a6", "email-addr--6d89e80e-49a0-4159-a9e5-d7f4b3ad2970", "email-addr--2178c2c7-72d3-4d45-9511-65b5373b7069", "email-addr--a69730a0-4123-49e1-af25-ef57473a1c9f", "email-addr--6a42363c-de43-466f-a7ed-cf5f892cd81b", "email-addr--6ab76c3f-c710-4ae9-abd1-b958df635b7b", "domain-name--13837376-0535-4c16-b15d-7363eb09a870", "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b" ], "external_references": [ { "source_name": "source", "url": "https://socket.dev/blog/lazarus-strikes-npm-again-with-a-new-wave-of-malicious-packages" } ] } ] }