TI Mindmap HUB
Threat Intelligence Report

164 npm Packages Target Cloud and Finance via oob.moika.tech

📅 May 28, 2026 📰 safedep.io 🔍 0 CVE(s) referenced

A sophisticated attacker published 164 npm packages impersonating internal cloud and finance modules, exfiltrating full environment credentials—including API keys and secrets—via a stealthy postinstall payload, posing a severe supply chain risk to any developer or CI pipeline resolving from the public registry.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle