npm

llm-oracle

llm-oracle is identified in the SafeDep analysis "Malicious Open Source Library Analysis: llm-oracle and its Payload". Malware hidden in open source library packages are real. In this article, we analyse the malicious npm package llm-oracle.

discovered 2024-11-04

Threat types

other

Malicious versions

1.0.2

Campaigns

No Specific Campaignattributed-to

Indicators

email[email protected]exfiltrates-to

Techniques

ttpT1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
ttpT1059.007 Command and Scripting Interpreter: JavaScriptuses
ttpT1105 Ingress Tool Transferuses

Read the full analysis →