Supply Chain | Jun 3, 2026

RT @marius_benthin: Two more recently published npm packages related to the same malware campaign...

Two malicious npm packages discovered linked to ongoing malware campaign.

Summary

Security researcher Marius Benthin identified two newly published npm packages, 'ulid-os@3.0.2' and 'obfus-jsxy@3.2.0', as part of an active malware campaign. These packages represent continued supply chain attack activity targeting Node.js developers through the npm registry.

Indicators of Compromise

  • malware — ulid-os@3.0.2
  • malware — obfus-jsxy@3.2.0

Entities

  • npm (technology)
  • Marius Benthin (researcher) (threat_actor)