Lucene search
K

161 matches found

Snyk
Snyk
added 2026/05/18 9:0 p.m.8 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2025/11/24 4:24 p.m.1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in wezen-hexo-update-lithosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29b835942f6a8543c810550c04c687136135ae9e3c47b61eb95bd234b7c13caa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in eslint-config-jovian-middleware-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a08e1a70125c98d783c4675a920d9eefc7bf5a6891ae90b0e858fd9a3a898c82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in xanthus-child-process-radiant-biotechnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0772cba129a84f6a60d24186646d0488d9fea195f97e08ef3a181221632a17c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-189208 Malicious code in resonance-middleware-octans-graviton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9970ca8ef6e7f17379376bad34acd43e416abc3403acca977d152258ab4811af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in arcturus-centauri-iota-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b062fbcc4e77a805c34328bb8e4095c779c20a7fe585cf258b619b7029d33cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in quark-aquarius-weywot-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30996d68f5a3eaaa198028e609182507bbc8d9d2c5693f797f51dc0ec35e1c17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in planckscale-lynx-global-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d3a6f504f1e5767dfec6a0695658c17cb181816e481c901e238aa4397ec5924 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in passport-nightwatch-sedna-karma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 590d2c8ef0713d21221fbae7ee5e08dbd5bc8bb6d9956061ea4aba71ab61dc4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in callisto-europa-relay-bootes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8337c1aab47dce5ea62275961be6d7adbca72d2db41dead4570adfb04582fd5d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-188534 Malicious code in paleontology-lyra-hercules-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6719be20e59d8b45e65d841f7ecb4762b0113345b1250aca102c4a5cc12ac0cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.5 views

MAL-2025-188560 Malicious code in parcel-panspermia-commitlint-config-angular-tectonophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad7ce5ec778c0d8a09caa214fc9ed62c9222306281fcc29ee88e7c4f779e7806 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 10:25 p.m.5 views

MAL-2025-182848 Malicious code in itale-adci-ggpanekyu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87b0bb3e75b240082accea45fa79ee046de1da323c0c72726f296b8646669449 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 10:25 p.m.3 views

MAL-2025-181681 Malicious code in astam-ift-diugoa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7dba908e61c5498cf98a5ebb7f56ef9404d768ceb83af01e3077d940790bfaa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 10:25 p.m.4 views

MAL-2025-184182 Malicious code in modaiv-kvu-ibuagob (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2aad233b8917cb3f35a7709328cbcf4338dea881f240a4cc57c6f2258e0d333 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 10:25 p.m.4 views

MAL-2025-182558 Malicious code in imuay-aig-iyucauyafg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bf9c67acbdb7f60f6fd018563278026afea4dcb24f7074082720a7f7f936152 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 10:25 p.m.2 views

MAL-2025-184822 Malicious code in poliaoz-aiksgsdfo-ahksgasifsdsdn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccaae5865c5716d094d08784484fcb7cb893fc1794eca28f0309777721461875 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 9:45 p.m.5 views

Malicious code in @akunsansan0/biru2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1851daefbecbc23f3bba9a063c72fab4d264e93ca6f007b84de56f07884fc96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 8:46 p.m.4 views

Malicious code in anais-papoa-0paufafui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff966dc269ebdb4666f03db51b335d8479e7d023e269ffd554043a5e60805041 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder