1004 matches found
MAL-2026-3684 Malicious code in @gusmano/reext (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 498a21b60dcdfe236ea0b1683e1ec64aa091643b6ad562c3845757eed79660d8 The npm preinstall lifecycle script dist/scripts/preinstall.js, wired via package.json "preinstall": "node./dist/scripts/preinstall.js" reads the...
Malicious code in stream-build-ganymede-corvus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24b83fb6af139dbb9bbd46a83057ddae76e5bac4e17b4d50dc4543a894b03951 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eventhoriz-perseus-semantic-ui-antares (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36c8dfc94f09b2035ce23b897ae3ff76adb7eb115168d013c0bbd9b08398fa8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in water-balance-serialize-omicron-deploy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10b645228c86dd124d31b5de28c55a401743d95fcfde72307326120b67d14f46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fermiparadox-helios-pyxis-astrometry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c4110ce456b0d3ee05ab386cd882d362726708a69daec5cde442abef8ce9a9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rollup-plugin-async-astrobiology-spectron-webdriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa1575655360d32ad6eb45dd6dfeca312cd7cc44d003f56621dc00b12f7ece9b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in luna-zephyr-hugo-fusion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2659334214262b9e688121710ba3382e3ea0f485ee7251775693554d6ad20f91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hydra-hermes-ichnology-ariel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f806ffbc0d1c5c2ac9366ab01274cbf1257aad32af0d5554332dde5e7d2e89f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189391 Malicious code in scripts-shelljs-quark-gridsome (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c62f3ca6bb9a8405ca6865e83fdd43928f000b1e887a138caaaf6a211618764 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186270 Malicious code in concurrently-janus-spinner-palynology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8fcadf406f92f7582c4cf7874b4e875c3cfba00d445f70dce8eae741d340739 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188373 Malicious code in nuxtjs-hugo-karma-antares (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79556a4b1006c3aa3f897ef9fccba95b8e8d674b5863c91df3f26f4e762b507a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lacerta-betelgeuse-xanthus-upgrade (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3c6304ec6e85d47dbc95675de68746430ade85ec9fbecf5cad5c5ec8a058683 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in miranda-genomics-uninstall-virgo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfeacda2b376daee22f78d9a59bb58433ef352a72d825d0910791a5051064406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188350 Malicious code in notify-zero-abstract-old-dog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a53282b311726aa389d4f18e04f8cdede5fd23b6a0f0f816a5e9547530a4e8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189464 Malicious code in server-nestjs-selenium-cassini (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8a760dd4bce11efdd666ee3f24ade2e0fc29cedb52383bb55dab1cfa53cbcfb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189933 Malicious code in thuban-run-script-octans-eslint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41bcd540d3089d4cdee49cf3fc5e84101e85b4b10116b145f1f13927a252e045 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in extremophile-geochemistry-dendrochronology-ursa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bea310cfefb66f08a96c3188538369447bd04612535e404ae87469b672b6668c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in got-loglevel-ceres-acamar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b2e9f729f99ce1db8045e28e7e2b5344d4377dd1b1a8f21d8fe39d2c57b0dbe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in less-astrochemistry-ceres-halley (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce97bc6d36bcde07bce91a015dec579ae6795f061e92685f77111fbb9c91bc6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186689 Malicious code in eigenstate-outercore-procyon-colors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a484a069829c64301bbd0fbee977a1849ab0673970fe89b32d53936fca25518 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...