[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fbuVwknGHztuJmAdsD5TmhSSy1a6d-Y2nKHa0wR0KHuY":3},{"article":4,"iocs":43},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":11,"published_at":13,"ingested_at":14,"relevance_score":15,"entities":16,"category_id":23,"category":24,"article_tags":27},"443a9143-07b0-4196-a7db-c2c989ec130f","RT @marius_benthin: Two more recently published npm packages related to the same malware campaign...","rt-marius-benthin-two-more-recently-published-npm-packages-related-to-the-same-m-4cd700","RT @marius_benthin: Two more recently published npm packages related to the same malware campaign: \"ulid-os@3.0.2\" and \"obfus-jsxy@3.2.0\".…","Security researcher Marius Benthin identified two newly published npm packages, 'ulid-os@3.0.2' and 'obfus-jsxy@3.2.0', as part of an active malware campaign. These packages represent continued supply chain attack activity targeting Node.js developers through the npm registry.","Two malicious npm packages discovered linked to ongoing malware campaign.",null,"https:\u002F\u002Fx.com\u002Fnextronresearch\u002Fstatus\u002F2062238673937051761","2026-06-03T18:23:09+00:00","2026-06-03T19:00:13.496045+00:00",7,[17,20],{"name":18,"type":19},"npm","technology",{"name":21,"type":22},"Marius Benthin (researcher)","threat_actor","26b0b636-0e31-4db1-bffb-61bdf9f20a58",{"id":23,"icon":11,"name":25,"slug":26},"Supply Chain","supply-chain",[28,33,38],{"category":29},{"id":30,"icon":11,"name":31,"slug":32},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":34},{"id":35,"icon":11,"name":36,"slug":37},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",{"category":39},{"id":40,"icon":11,"name":41,"slug":42},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[44,47],{"type":32,"value":45,"context":46},"ulid-os@3.0.2","Malicious npm package",{"type":32,"value":48,"context":46},"obfus-jsxy@3.2.0"]