4598 matches found
MAL-2025-164340 Malicious code in poli-aki-alai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c3767b172972d4d77671bc776ec2ab0a0be3717c66ec308d04eec3a06c8c4cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-150806 Malicious code in @miptaa02/kwnhj (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d045478e07c8fe3cfeabeadda1e69a9a3ce52f3c54756b426c9b26d14049a9b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-150864 Malicious code in @miptaa02/nothis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbacf5e7cca3e21ca88a08fa59df471f28a1839512ddac57ee914b1c67fc21be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in billa-52 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3450d754e526cb305a74616b587fe87b080c0812abc502eba1a8337cb2ae485b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in manadsi-sfdada-mivafifd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97c69f5d5aa3142f4deed5d5aa743047e4a30e7217d89fe3b36d979fdc695e6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in teagood-nakamala71 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 708972f026f574ab3eb49006e63c50a1d1e3cfe326683395cbd6ce0c99601c50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in avomainah-fras-ofafafau (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2c95b7b26daee26bff5eff26c855d513c9302629e6430b919879202f2d1fb15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in manapf-manta-n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae27cfe35ce96acded3adacdabbeae9151f42680acf66d07563d5f34c285905f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ucok-poke67 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f0f9c62ca015d8bc6075952cb5b2372299ca1a1a69659bb5db2f11140dab08a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-161327 Malicious code in nabuf-ogauof-dofufsi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99368d0e092cadf8156538f9f098cf57f9188bd6cb7411242c8c56c85f3e3533 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-161201 Malicious code in nabila-poke100 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59c0d8313f5eed921302657b7f1776aeec4b30bbb64f760ac5d6f5b9581d2992 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-160996 Malicious code in mursai-bdurt-sd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b285b395afa0339a4acbefdb72bf1b8b5013ccac5a9d6e1cb84d61973872e9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-170094 Malicious code in upa-lubalauvalio-ilualsgdfsdfsu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e75f1a91d1cc1c9ffb941f3c458c9798808158b9d8b156f1e981bf2675c86c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Security Bulletin: IBM QRadar SIEM is affected by improper storage of credentials in configuration files
Summary IBM QRadar SIEM is affected by improper storage of credentials in configuration files in source control. IBM has addressed the issue in the latest update. Vulnerability Details CVEID:CVE-2025-33119 DESCRIPTION: IBM QRadar SIEM stores user credentials in configuration files in source contr...
Malicious code in forever-andromeda-sadr-barnard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c25d29d91f79f19cbf57e67c5c4e2b0a700835050ceb880fa502657636e89fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cressida-acamar-charon-spectron-webdriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44c9be43fdc513003e60ad4426881dc8b83d6aed4cf66c109c9073059edd2499 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140163 Malicious code in buffer-nodejs-native-grunt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bdfe7b627e6dbe13e573500c4bac8abb0660f48ef88bf69c58ce61ebef05e0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in levels-npm-yaml-xanadu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa37b47332dae889eb886aef463cd255b9f8cdd61f08346e076667848f360354 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in uninstall-zephyr-publish-aether (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b931f7d82bdf49c8bd7009b6500a4b5e18fbc27af224965bbe9a5312f8102958 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in callback-adonis-native-ophiuchus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc6b2adb2024fc786ab7d03d9c9e3da8107a9c830bea338dd0148d6b47c1e442 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...