{ "type": "bundle", "id": "bundle--393256e9-546e-4ebf-961a-5d1ea6ded0f0", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--a361b290-d09a-4e0e-a13d-681ca0c3dcc7", "created": "2023-03-08T12:51:43.404685Z", "modified": "2024-08-31T04:09:59.408166Z", "name": "Microsoft", "identity_class": "organization" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--2affbaa4-5aae-53f8-8e70-9e82df1e8160", "created": "2026-06-24T23:57:10.945664Z", "modified": "2026-06-24T23:57:10.945664Z", "name": "OnyxSleet" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--7e17b02a-817f-58ff-8489-aac76b0f02a4", "created": "2026-06-24T23:57:10.947917Z", "modified": "2026-06-24T23:57:10.947917Z", "name": "DiamondSleet" }, { "type": "report", "spec_version": "2.1", "id": "report--b73f281d-1cdc-4db5-9e04-8d808a1384b2", "created_by_ref": "identity--a361b290-d09a-4e0e-a13d-681ca0c3dcc7", "created": "2026-06-24T23:57:10.950572Z", "modified": "2026-06-24T23:57:10.950572Z", "name": "Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability", "published": "2023-10-18T00:00:00Z", "object_refs": [ "identity--a361b290-d09a-4e0e-a13d-681ca0c3dcc7", "threat-actor--2affbaa4-5aae-53f8-8e70-9e82df1e8160", "threat-actor--7e17b02a-817f-58ff-8489-aac76b0f02a4" ], "external_references": [ { "source_name": "source", "url": "https://www.microsoft.com/en-us/security/blog/2023/10/18/multiple-north-korean-threat-actors-exploiting-the-teamcity-cve-2023-42793-vulnerability/" } ] } ] }