Bun - Tool

Threat entity extracted from intelligence sources

Frequency
21
occurrences
First Seen
November 24, 2025
Last Seen
June 26, 2026

Bun is a tool tracked across 10 threat clusters and 21 intelligence report mentions on ThreatCluster. First observed November 24, 2025; most recent activity June 26, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Miasma Malware Uses binding.gyp and Bun to Execute Hidden Payloads in npm Packages — Cybersecuritynews · June 26, 2026
  • Compromised GitHub action codfish/semantic-release-action steals CI/CD secrets — Aikido.Dev · June 24, 2026
  • New PyPI Wave in Mini Shai-Hulud, Miasma, and Hades Campaign — Technadu · June 9, 2026
  • Meet Hades: The malware that lies to AI security agents — Csoonline · June 9, 2026
  • Shai-Hulud "Hades" Wave Hits Six PyPI Bioinformatics Packages via Stolen Tokens — Endorlabs · June 8, 2026
  • Endor Labs — www.endorlabs.com · June 4, 2026
  • NWHStealer Campaign Deploys Bun Loader, Anti-VM Evasion, and Encrypted C2 — Gbhackers · May 8, 2026
  • Aikido researchers — www.aikido.dev · April 29, 2026

CVSS v3.1 Breakdown