logo

The OpenSourceMalware Show #10

ID: b71401f5-906e-548a-aacf-ee81f00c17dc

STIX ID: report--b71401f5-906e-548a-aacf-ee81f00c17dc

Feed Name: OpenSourceMalware Blog

Threat Score
85/100

Date Published: 2026-06-25

Date Updated: 2026-07-02

Author: cb482791-4ef1-4762-96ad-b0ca4bdd538e

...
...

This podcast episode summarizes current software supply chain threats, highlighting DPRK Lazarus Group activity (version "sandwiching" to hide malicious versions, reuse of Aptos/Tron/BSC memos as mutable C2, and embedded human-readable campaign tags) and general trends including cross-ecosystem malicious packages (npm/PyPI/VS Code), dynamic imports from external URLs that evade package managers and firewalls, clustered packages with single payload providers, and payload splitting across files or packages—providing defenders with observable TTPs and examples to inform detection and hunting.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.