{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreibxdx6uskx4zrwapxjlbpmiopkl4irkor7cnesimmzuuj2fqrbal4",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mm4xcwwmv4p2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreif6iy4aos5jxqzp5pxxa34hxw3utdh4jkodqaivqaocjfky4md46a"
    },
    "mimeType": "image/jpeg",
    "size": 575590
  },
  "path": "/2026/05/four-malicious-npm-packages-deliver.html",
  "publishedAt": "2026-05-18T08:57:26.000Z",
  "site": "https://thehackernews.com",
  "tags": [
    "@deadcode09284814"
  ],
  "textContent": "Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP.\nThe list of identified packages is below -\n\nchalk-tempalte (825 Downloads)\n@deadcode09284814/axios-util (284 Downloads)\naxois-utils (963 Downloads)\ncolor-style-utils (934 Downloads)\n\n\"One of the packages (chalk-tempalte)",
  "title": "Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware"
}