Malicious code in oktafian-sroto77-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc65eaf2a74f9780cc45ec01e760703dd263f12d12fc4c0ff1b5f3b37ad9a84f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gita-serabi2-sumpek (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58a9037107769a7336bdecdf908fa0224184c44f9634010133d13953387dd52f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ocha-otak-otak24-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36d205d3f44627cef8a46d908698eb11e76b50dd16abefd3aaab4db113cedf96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-52760 Malicious code in gita-kolak94-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69d36c38d2c58c32a9a0debba9712cb68dc0729b4876c56e7de25bd2da0ebe05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-53321 Malicious code in maman-lapis3-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 968fe16297a68a04f52bd78995b6c4bdfa89c7ce2d51d5871f700eed1ee8b729 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-53495 Malicious code in nina-kembang65-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0ff7267d3cc740ed74e41bee7826562f0317646523ec2959362048217f91fae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in candra-tahutek67-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2344f74813b918864ce821f72a0250fe6dec16bba0f93f56f68e2b9bcc072a59 The package candra-tahutek67-ruro was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...

MAL-2025-50650 Malicious code in vida-jengkol79-sumpek (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3001844046dbca0b627ec4024636eb300c82ad53c3e114c9373276a8c2f3c400 The package vida-jengkol79-sumpek was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...

Malicious code in citra-serimuka38-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9286af691779c4244fcbe8491a834a709ead791ef4853ff711c024368625d9b The package citra-serimuka38-ruro was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...

Malicious code in budi-teh45-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d72ddb11cc278eb3740662168f0de6e6b3c1fad81e959669dc98db5442f9664 The package budi-teh45-sluey was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded n...

Malicious code in fadhil-donat91-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6aae2d9799597052e951ea8060eec89c2c2ed4bc2bb2999b3dda15c10f3b10b0 The package fadhil-donat91-riris was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flood...

Malicious code in wibowo-serimuka55-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db2323ef293720572963a57b5ef51cc4b2141fd321e04a5a25ccf4b8f7e7e315 The package wibowo-serimuka55-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...

MAL-2025-50184 Malicious code in dewanto-kemplang8-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e91f354a11f25f2e0c1b1c2d0f8d8aef51a79d2d4367b1a0e81a0ef2f220c3c6 The package dewanto-kemplang8-sukiwir was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...

Malicious code in agus-kolak31-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85cb3402bea860fe47e88e2e59d3ffdd453b7c027257ff02582be2244c0ebc3f The package agus-kolak31-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...

MAL-2025-51635 Malicious code in eka-mangga25-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7418d4e74782e1249db68069d83f6325454584f48f1444974b11ec259942d68 The package eka-mangga25-sluey was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...

A Cascade of Insecure Architectures: Axis Plugin Design Flaw Expose Select Autodesk Revit Users to Supply Chain Risk

We discovered Azure Storage Account credentials exposed in Axis Communications’ Autodesk Revit plugin, allowing unauthorized modification of cloud-hosted files. This exposure, combined with vulnerabilities in Autodesk Revit, could enable supply-chain attacks targeting end users...

EUVD-2004-0434

Malware in sbrugna...

CVE-2025-9963

A path traversal vulnerability in Novakon P series allows to expose the root file system "/" and modify all files with root permissions. This way the system can also be compromized.This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 commit d0f97fd9...

CVE-2025-9963

A path traversal vulnerability in Novakon P series allows to expose the root file system "/" and modify all files with root permissions. This way the system can also be compromized.This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 commit d0f97fd9...

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...