1202 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
MAL-2025-188710 Malicious code in pino-pretty-yildun-express-graphql (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 269ed87702f42dc45182c4c396bd4001c18e108c66d5f61fd4f3ac96adeee437 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in futurology-fermiparadox-parsec-publish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7932b00db63a52a64e991976f6b489776b42c5b992ba035510f6778c3fcd33c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in archaeogenetics-ganymede-paleoceanography-ignite (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074f632db2abe61d259b3bc4c1f8b0dace7f1c727cfead5c4c2611a7642171c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in report-epsilon-socket-beta-sudo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86a374b6f621a7480a7de9e738180564cc75591db6337a7b845ed16decbc25ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in zero-epsilon-bash-cache-query (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6280f9e3200c2b9b148b3ef23188d465afb54b42c349776db1f524c284f9671b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in areology-atlas-dotenv-safe-greatfilter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30a274a73b2bf94ea441167c4bdbdd6e5887ef52aa83f8c6509c5c8349835aa6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in carpo-release-it-oberon-halley (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2d9a35551f995b8ec1e04118cfd9e74e6be2edf86c3664c5404ddb401ab0918 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in omicron-thread-report-query-book (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f62ea97ed14fec7e80933898874e26a0acece68b1bc07541460b1a79ccbebcfe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in test-fork-gravity-puppeteer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2cd155e14b0f3d8707048a509a44689422afdacf2b452915a05a5894bcc2dbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in wasat-photon-await-mocha (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9928a8be2e63151c5a44872a4540168eb5702dc997d95293ab99824e30466315 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in betelgeuse-sadr-antd-leda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5533bbb97535e19e922a0da680df8685d27a569ab72e0b79de9398e24a13a406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in json-apollo-rate-limiter-cross-env (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4041eaf381f192fe6b5f0fa41e0d62e7c44bdd9c3dca76d45a758c432e541b9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in user-double-signal-node-upsilon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 331f615747fa4552139398bd5bd8ab96fb56c9ffdc6d81e14eaece427b08e5f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...