{ "type": "bundle", "id": "bundle--14faa0c7-06a4-4ce1-aa6e-9e1a1826fa3b", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--a96f8bbb-0501-4026-a441-edfe31375afa", "created": "2025-12-03T00:51:50.222128Z", "modified": "2025-12-03T00:53:40.15867Z", "name": "OSM", "identity_class": "organization" }, { "type": "url", "spec_version": "2.1", "id": "url--c05f58c5-8d05-4665-8d3e-9fea3a1c131a", "value": "https://23.254.164.123:8000/update/49890878" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--28e8eedf-c3de-4146-960d-93c3250ea0b8", "value": "hwsrv-1327785.hostwindsdns.com" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--6e08e0f5-23e3-484f-9249-d5e15d1ce6dc", "value": "hwsrv-1327786.hostwindsdns.com" }, { "type": "file", "spec_version": "2.1", "id": "file--43d934c8-1650-4b14-aa97-45a88a0cde4e", "hashes": { "MD5": "c18fd75526533dfc90e91e2fb80effaf", "SHA-1": "cd1129d1522a553d0365c433657cee39e4fae82d", "SHA-256": "221c45a790dec2a296af57969e1165a16f8f49733aeab64c0bbd768d9943badf" } }, { "type": "file", "spec_version": "2.1", "id": "file--1c557bdf-379a-44dc-a0e1-d5ded122fb4e", "hashes": { "SHA-256": "4a8860240e4231c3a74c81949be655a28e096a7d72f38fbe84e5b37636b98417" } }, { "type": "url", "spec_version": "2.1", "id": "url--ba013c36-9b6e-4b21-bd99-3c5f684f5845", "value": "https://23.254.164.92:8000/update/49890878" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--b65a715f-2d52-4218-a4c2-c9cbadde923a", "value": "23.254.164.123" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--8a8d00b1-00b9-4f71-ab55-b7bf3734edcf", "value": "23.254.164.92" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b", "created": "2026-06-24T16:58:18.594366Z", "modified": "2026-06-24T16:58:18.594366Z", "name": "Lazarus" }, { "type": "report", "spec_version": "2.1", "id": "report--ee4d5b1f-5ae4-4191-a3f2-a3fc075d13d1", "created_by_ref": "identity--a96f8bbb-0501-4026-a441-edfe31375afa", "created": "2026-06-24T16:58:18.603755Z", "modified": "2026-06-24T16:58:18.603755Z", "name": "Mastra Attack Targets Crypto, Password Managers, Authenticators, and Zapier", "published": "2026-06-18T00:00:00Z", "object_refs": [ "identity--a96f8bbb-0501-4026-a441-edfe31375afa", "url--c05f58c5-8d05-4665-8d3e-9fea3a1c131a", "domain-name--28e8eedf-c3de-4146-960d-93c3250ea0b8", "domain-name--6e08e0f5-23e3-484f-9249-d5e15d1ce6dc", "file--43d934c8-1650-4b14-aa97-45a88a0cde4e", "file--1c557bdf-379a-44dc-a0e1-d5ded122fb4e", "url--ba013c36-9b6e-4b21-bd99-3c5f684f5845", "ipv4-addr--b65a715f-2d52-4218-a4c2-c9cbadde923a", "ipv4-addr--8a8d00b1-00b9-4f71-ab55-b7bf3734edcf", "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b" ], "external_references": [ { "source_name": "source", "url": "https://opensourcemalware.com/blog/mastra-npm-malware" } ] } ] }