1080 matches found
Embedded Malicious Code
Overview @velora-dex/sdk is a SDK for the Velora API Affected versions of this package are vulnerable to Embedded Malicious Code that delivers a malicious payload through dist/index.js. An attacker uploaded a compromised version of the package directly to the npm registry. The payload runs a...
Malicious code in miranda-koa-fetch-duplex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0542faa9fd01fa72c958cf46a1d5a08f0ba4db727709a088052187230321c063 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in pavo-colors-taurus-eslint-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4822eb2e312a8df244e9a3d06ff9c91bcb9d9f9cf6fdc56dedac94c979d42c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rate-limiter-callback-nebula-electron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53651fac56158fb1f188c86d46208153a283a6a4bc8f891f849d0f667396b922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186451 Malicious code in cypress-technosignature-solarnebula-protractor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee5b6d2c365fa8597a05437b8cedda2feb5adf1dbce76e271afccd20f7f8e10a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187393 Malicious code in husky-eridanus-quasar-geckodriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19e89051fac6b87ecbec90f9d80c101f8f3a1d9fe8faf531046b922f215b64a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185953 Malicious code in bunyan-titan-sadr-loop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 836a1408b10c9b214262db701f733ba4db831e2d0fc96887aae14c022b606bcb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186243 Malicious code in commitizen-radioastronomy-steganography-grunt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4570637a2fc26f6065d9a514ce97d5a5427454e1864df6aeeea4fd1563720406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185386 Malicious code in adonis-cosmos-eslint-plugin-izar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f51440d13be3a94db6138efdff6d65f7d866cbf0118a7f11859f4508a808663 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in css-minimizer-webpack-plugin-vuetify-ichnology-redshift (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e51432f68b706b7ae7c14c4afd85ef5068b6383f1eb97bea5a751ea91677a542 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in magnetar-palynology-uranology-blackhole (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcd8cb005d3b13b23a50a504bd007171a1a10b97495979bb817020abdb259373 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in yakutsk-alphard-winston-nconf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42520c8dc3cb5fcd945016e4d3fca6d736c2b65f9e37c7c765d7c18be63ba45d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in holography-hercules-janus-postcss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc0747bbcd6e1cb7fbbcd0dc7b214cd578ce9437437d5ff92c3122cd217d7f36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in paleontology-acamar-steganography-commitlint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9d1ccb96d7ec2f9626a93f33572ff27aa51718c6e0e1f4bffd1f94f89e753c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mui-meissa-subscription-event (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e80d941c3ae4c03da2554b9884257c7aa6be8bde051d376559e56e35e912880 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in quantumfoam-zenobia-reveal-md-yaml (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27799202edd9df55bfa425f701a2e9f280f60f6af0265fd10a9ab55e7cc7d7bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hercules-css-loader-restart-eslint-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71cc33249cf2dbd5db35e33047b6953ad257e29a19278529523291fbffb2ed6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in postgres-soap-apex-vortex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b86a98a2d226d8686f0c0bfd665e59b9bb161862d45d5139f58b48ca662cedd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in vuetify-firebase-darkmatter-mineralogy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72c7cb31503b963b956ff20f68210ddac6120ba9463afed7019619da8b0fdd14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in antares-aurora-mocha-corvus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 889355acffa58cb18b880f4ddd5e587f1056c8f5bbdccc545b03da310c4e347c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...