indicatorurl
hxxp://sfrclak[[.]]com:8000/6202033
- First seen
- 2026-05-13
- Last seen
- 2026-05-13
- Sightings
- 4
Posts referencing this indicator
- Supply Chain Attack on Axios Pulls Malicious Dependency from npm
C2 URL used to fetch platform-specific payloads.
- Mitigating the Axios npm supply chain compromise
Endpoint used by the first-stage loader to fetch OS-specific RAT payloads.
- Elastic releases detections for the Axios supply chain compromise
C2 URL used to fetch the second-stage payloads.
- North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
WAVESHAPER.V2 payload delivery URL