← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
wormsign — supply-chain: npm:@service-suppliers/set_selected_supplier
Wormsign detonated npm:@service-suppliers/set_selected_supplier in a network-sandboxed environment. Observed 7 indicator(s); 7 appear novel against OTX as of submission. The malicious package was published to the npm registry and is included in our open supply-chain indicator feed. Full context, per-IOC tier classification, and the detonation card with MITRE TTPs: https://wormsign.io/portfolio/@service-suppliers/set_selected_supplier. Search any IOC across the wormsign corpus: https://wormsign.io/?q=oob.moika.tech TLP:CLEAR — indicators only, no malware samples.
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| hostname | oob.moika.tech | observed during wormsign detonation of @service-suppliers/set_selected_supplier | 2026-06-03 | |
| URL | https://oob.moika.tech/report | observed during wormsign detonation of @service-suppliers/set_selected_supplier | 2026-06-03 | |
| URL | https://oob.moika.tech/payload | observed during wormsign detonation of @service-suppliers/set_selected_supplier | 2026-06-03 | |
| URL | https://github.service-suppliers.io/platform/set_selected_supplier.git | observed during wormsign detonation of @service-suppliers/set_selected_supplier | 2026-06-03 | |
| URL | https://jira.service-suppliers.io/projects/PLATFORM | observed during wormsign detonation of @service-suppliers/set_selected_supplier | 2026-06-03 | |
| URL | https://docs.service-suppliers.io/platform/set_selected_supplier | observed during wormsign detonation of @service-suppliers/set_selected_supplier | 2026-06-03 | |
| URL | https://npm.service-suppliers.io | observed during wormsign detonation of @service-suppliers/set_selected_supplier | 2026-06-03 |