Threat Intelligence Report

Maven Central Malware: Jackson Typosquatting Delivers Cobalt Strike Payload

📅 December 30, 2025 📰 www.aikido.dev 🔍 0 CVE(s) referenced

A sophisticated, multi-stage malware was discovered on Maven Central, masquerading as the popular Jackson library via a subtle typosquatting attack, marking the first major supply chain compromise in the Java ecosystem and highlighting urgent gaps in namespace protection.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle