{"id":50715,"date":"2023-02-23T16:22:01","date_gmt":"2023-02-23T16:22:01","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34353\/NPM-Repository-Flooded-With-15-000-Phishing-Packages.html"},"modified":"2023-02-23T16:22:01","modified_gmt":"2023-02-23T16:22:01","slug":"npm-repository-flooded-with-15000-phishing-packages","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/","title":{"rendered":"NPM Repository Flooded With 15,000 Phishing Packages"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/02\/022223_tiktok.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>The battle against threat actors targeting the open-source ecosystem continues, with researchers observing a sudden surge of over 15,000 phishing packages flooding NPM, the world&#8217;s largest free software registry.<\/p>\n<p>The malicious packages were created using an automated process to distribute links to phishing campaigns across a few hours between Feb. 20 and 21. It was carried out through multiple user accounts, making it difficult for security teams to identify and remove packages quickly, Checkmarx researcher Yehuda Gelb noted in a Tuesday&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/checkmarx.com\/blog\/how-npm-packages-were-used-to-spread-phishing-links\/\" target=\"_blank\">blog post<\/a>.&nbsp;&nbsp;<\/p>\n<p>A large number of corrupted packages use names related to game cheats, free resources, and social media platforms, such as &#8220;free-tiktok-followers&#8221; and &#8220;free-xbox-codes,&#8221; to entice users to click the links and direct them to multiple well-designed phishing webpages.&nbsp;&nbsp;<\/p>\n<p>Upon further investigation of the phishing websites, the Checkmarx team found some directed users to eCommerce sites with referral IDS, including AliExpress, one of the world&#8217;s largest online retail platforms.<\/p>\n<p>&#8220;Like many other retail websites, AliExpress offers a referral program that rewards members for referring new customers to the platform. If the threat actors refer their victims to AliExpress and they make a purchase, the threat actors&#8217; accounts will receive a referral reward in the form of a coupon or store credit,&#8221; Geib explained. &#8220;This highlights the potential financial gain for threat actors who engage in phishing campaigns like this one.&#8221;&nbsp;<\/p>\n<p>In this case, while the consequences of the attacks may not appear as severe as some other open source vulnerabilities, Geib told SC Media that this tactic could easily be adapted to cause significant harm in the future.&nbsp;&nbsp;<\/p>\n<p>&#8220;For example, an attacker could deceive a victim into visiting a site that <a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/analysis\/application-security\/ransomware-campaign-targets-popular-open-source-packages-with-cleverly-hidden-payload\" target=\"_blank\">installs ransomware<\/a> on their computer or steals sensitive information,&#8221; Geib said.&nbsp;&nbsp;<\/p>\n<p>In addition, he highlighted the use of automation and the effort to create many user accounts to conceal the scale of the attack, saying it shows &#8220;the sophistication and determination of these attackers, who were willing to invest significant resources in order to carry out this campaign.&#8221;&nbsp;<\/p>\n<p>Attackers have constantly invested in automation to quickly grow their reach and impact. In April last year, Checkmarx&nbsp;detailed&nbsp;the novel techniques <a href=\"https:\/\/checkmarx.com\/blog\/attacker-adds-evasive-technique-to-their-ongoing-attacks-on-npm\/\" target=\"_blank\" rel=\"noreferrer noopener\">a threat actor called RED-LILI<\/a> used to publish malicious NPM packages from automatically created user accounts.&nbsp;&nbsp;<\/p>\n<p>In December last year, researchers from <a rel=\"noreferrer noopener\" href=\"https:\/\/medium.com\/checkmarx-security\/illustria-checkmarx-finds-140k-phishing-packages-6813c27d10ac\" target=\"_blank\">Checkmarx and Illustria found 144,000 malicious packages <\/a>published to NuGet, NPM, and Pypi using automation to distribute phishing links. Interestingly, Geib said the threat actor behind the Feb. 20 and 21 attacks appears to be the same as this spam attack detected in December. &nbsp;&nbsp;<\/p>\n<p>&#8220;We believe it is the same attacker because of their use of similar tactics, including the similar pattern of package names and a similar method of monetization,&#8221; Geib explained.&nbsp;&nbsp;<\/p>\n<p>Roger Grimes, a defense evangelist at KnowBe4, said these overt attempts to spam an open source ecosystem do not bother him as much as those attempting to blend in.&nbsp;&nbsp;<\/p>\n<p>&#8220;While being flooded with spam is never good, it gets immediately noticed and mitigated. It&#8217;s harder for open source projects to spot and stop rare one-offs,&#8221; he said.&nbsp;&nbsp;<\/p>\n<p>However, Geib underscored the importance of understanding the recent spam attack on the NPM platform as it highlights the <a href=\"https:\/\/www.scmagazine.com\/analysis\/devops\/open-source-package-with-millions-of-downloads-vulnerable-to-account-takeover\" target=\"_blank\" rel=\"noreferrer noopener\">growing trend<\/a> of attackers exploiting the trust of open source ecosystems, and he expects this trend to continue.&nbsp;<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34353\/NPM-Repository-Flooded-With-15-000-Phishing-Packages.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":50716,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[10391],"class_list":["post-50715","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerphishbackdoor"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>NPM Repository Flooded With 15,000 Phishing Packages 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NPM Repository Flooded With 15,000 Phishing Packages 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-23T16:22:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/02\/022223_tiktok.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"NPM Repository Flooded With 15,000 Phishing Packages\",\"datePublished\":\"2023-02-23T16:22:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/\"},\"wordCount\":572,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/npm-repository-flooded-with-15000-phishing-packages.jpg\",\"keywords\":[\"headline,hacker,phish,backdoor\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/\",\"name\":\"NPM Repository Flooded With 15,000 Phishing Packages 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/npm-repository-flooded-with-15000-phishing-packages.jpg\",\"datePublished\":\"2023-02-23T16:22:01+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/npm-repository-flooded-with-15000-phishing-packages.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/npm-repository-flooded-with-15000-phishing-packages.jpg\",\"width\":1280,\"height\":800},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-repository-flooded-with-15000-phishing-packages\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,phish,backdoor\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerphishbackdoor\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"NPM Repository Flooded With 15,000 Phishing Packages\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NPM Repository Flooded With 15,000 Phishing Packages 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/","og_locale":"en_US","og_type":"article","og_title":"NPM Repository Flooded With 15,000 Phishing Packages 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-02-23T16:22:01+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/02\/022223_tiktok.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"NPM Repository Flooded With 15,000 Phishing Packages","datePublished":"2023-02-23T16:22:01+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/"},"wordCount":572,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/02\/npm-repository-flooded-with-15000-phishing-packages.jpg","keywords":["headline,hacker,phish,backdoor"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/","url":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/","name":"NPM Repository Flooded With 15,000 Phishing Packages 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/02\/npm-repository-flooded-with-15000-phishing-packages.jpg","datePublished":"2023-02-23T16:22:01+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/02\/npm-repository-flooded-with-15000-phishing-packages.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/02\/npm-repository-flooded-with-15000-phishing-packages.jpg","width":1280,"height":800},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/npm-repository-flooded-with-15000-phishing-packages\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,phish,backdoor","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerphishbackdoor\/"},{"@type":"ListItem","position":3,"name":"NPM Repository Flooded With 15,000 Phishing Packages"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50715","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=50715"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50715\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/50716"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=50715"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=50715"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=50715"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}