IOC Radar
TLP:WHITE1 IOC

Hackers Compromise 140+ Mastra npm Packages to Steal Credentials

CP
Cyber Press
Published June 17, 2026Original Report

Malware Families

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYunknownINFRASTRUCTURE23.254.164.123CAPABILITYCobalt StrikeGh0st RATVICTIMunknown
Adversary
Infrastructure(1)
Capability(2)
Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise1

TypeIndicatorConfidenceScoreFirst Seen
IP23.254.164.123
aptbotnetexfiltration
Medium
53
Jun 17, 26

IOC Relationship Graph

IOC Relationship Graph1 total IOCs
IP
IP1Malware2REPORTHackers Compromise 140+ MaCobalt StrikeGh0st RAT
scroll to zoom · drag to pan · click IOC to open