[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIe8GDH71eTL7OM6e1m6qcFEhgkBiurBXQbhwwIWDHbw":3},{"article":4,"iocs":46},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":26,"category":27,"article_tags":30},"25978ee5-3b38-4f04-8af3-a8ed17a3e838","One more malicious npm package spotted: \"hex-type@3.0.2\" - part of the ongoing MicrosoftSystem64...","one-more-malicious-npm-package-spotted-hex-type-3-0-2-part-of-the-ongoing-micros-78702a","One more malicious npm package spotted: \"hex-type@3.0.2\" - part of the ongoing MicrosoftSystem64 RAT campaign that exfiltrates data via HuggingFace. https:\u002F\u002Ft.co\u002F4PC4r0ZzJM https:\u002F\u002Ft.co\u002F8Tq0kMP6MP","A new malicious npm package, 'hex-type@3.0.2', has been identified as part of the ongoing MicrosoftSystem64 RAT campaign. This campaign is designed to exfiltrate sensitive data, utilizing HuggingFace as a command and control channel. The discovery highlights continued risks within the open-source software supply chain.","Malicious npm package hex-type@3.0.2 discovered as part of MicrosoftSystem64 RAT campaign.",null,"https:\u002F\u002Fx.com\u002Fnextronresearch\u002Fstatus\u002F2064948304807415904","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHKgphrqWUAAZ-QD.jpg","2026-06-11T05:50:15+00:00","2026-06-11T07:00:05.234695+00:00",8,[18,21,23],{"name":19,"type":20},"npm","product",{"name":22,"type":20},"hex-type@3.0.2",{"name":24,"type":25},"HuggingFace","vendor","89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5",{"id":26,"icon":11,"name":28,"slug":29},"Malware","malware",[31,36,41],{"category":32},{"id":33,"icon":11,"name":34,"slug":35},"26b0b636-0e31-4db1-bffb-61bdf9f20a58","Supply Chain","supply-chain",{"category":37},{"id":38,"icon":11,"name":39,"slug":40},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",{"category":42},{"id":43,"icon":11,"name":44,"slug":45},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[47,50,54],{"type":29,"value":48,"context":49},"MicrosoftSystem64 RAT","Name of the RAT campaign.",{"type":51,"value":52,"context":53},"domain","huggingface.co","Used as a command and control channel for data exfiltration.",{"type":55,"value":56,"context":57},"url","https:\u002F\u002Fhuggingface.co\u002F","Likely C2 infrastructure for data exfiltration."]