{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifrcpexoc2kuwbigmdxionrbcfmghnrxlzh3b5rxliltd2smxsmem",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mit2lqvtu322"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreibtbf4unpu2cbzrhr4hpbvkpa2v3o55l2ne3l6ksilrdstloxbqfq"
    },
    "mimeType": "image/webp",
    "size": 23278
  },
  "path": "/north-korea-linked-hackers-likely-used-the-axios-npm-compromise-to-deliver-a-cross-platform-rat/",
  "publishedAt": "2026-04-05T18:03:38.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "North Korea-linked hackers likely used the Axios npm compromise to deliver a cross-platform RAT",
    "VPN Central"
  ],
  "textContent": "The Axios npm compromise now appears tied to a North Korea-linked threat cluster, according to multiple security vendors. CrowdStrike attributed the activity to STARDUST CHOLLIMA with moderate confidence, while Google Threat Intelligence Group linked the campaign to UNC1069, a North Korea nexus actor that has targeted cryptocurrency and fintech organizations. The attack hit on March […]\n\nThe post North Korea-linked hackers likely used the Axios npm compromise to deliver a cross-platform RAT appeared first on VPN Central.",
  "title": "North Korea-linked hackers likely used the Axios npm compromise to deliver a cross-platform RAT"
}