1097 matches found
MAL-2025-144169 Malicious code in kinetic-elektra-oauth-quark (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c22228b96f1f94b44857105013958740ba11c801df19863786af40a7b2b19d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148089 Malicious code in solis-spinner-canopus-ganymede (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70de15daf42e5880fe1aef7c23ceaf254db562fb9cb058e44b29f7c137f04ec1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147272 Malicious code in repository-lyra-react-bootstrap-ursa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96745fb4e087f1d2fa6cc12f0673c34c9c89de6e5261f9db9d80208c34740662 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143229 Malicious code in helios-css-loader-kastra-transform (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 633c687aa376abebf8cfe06e2dc3aaa0c30eb2065e0fdf8373b6e67332e7882b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145950 Malicious code in parcel-aurora-pegasus-version (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0850d9ceb923ea3b8c1fae4e07e33f2a81a4e2efb322eab5c70dcae054468a4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145552 Malicious code in node-sass-proxima-capella-eslint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3c4e4e6eafea389b8886de6367219c50aafba5925e89c98723c039c522076e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148765 Malicious code in transform-json-react-bootstrap-telesto (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee56afed477b3208f399ace13da17ece3997d082d7f14dd42a008e1e2715e635 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142544 Malicious code in fomalhaut-library-carina-eslint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cf33dfb38061f04102f930ca05f066db39305ec29335d77c56c418bba3bda7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148557 Malicious code in terser-webpack-plugin-mutation-mutation-unuk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 093f6cd3625f88f87ec25dec35d3e27866fde2e123a38d30403db5f1abcf7846 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148352 Malicious code in subscription-css-minimizer-webpack-plugin-carpo-lynx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4650e80b2c1aaee9d51649d798ab8b1dcd57d9d7758ab69e3f31252ae44e3485 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141424 Malicious code in cz-conventional-changelog-markdown-metalsmith-commitizen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9482e36bbe4901e1af6bb14db59f11eac88fd2d639fb758299a6a41f7db6f35d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144980 Malicious code in mini-css-extract-plugin-meteor-capella-nconf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a2bffa9bd292d3a0b9290865876b6ebc6200573a041491ba008385a5a036a1d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147985 Malicious code in slides-geckodriver-sass-loader-webpack (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ffb3b79f8518cf9c8eb783d487fbeab6cbe1a3006f9b7dfe4811dbf438c53aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140446 Malicious code in carpo-jest-celeste-blaze (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5302a6da915ba69b2ef4fa60cdd9d629cec52485a615e36d82215554a1e685f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141655 Malicious code in docusaurus-apollo-procyon-yaml (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d68775694f1a02f061a9166189e1da1036c33dc0f57dd3bad87a9118563e46c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144981 Malicious code in mini-css-extract-plugin-meteor-private-thuban (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7211b4171953c4e9f79f3fe9e5a6d0d27eb0cb456b57238fa36191cf3f046f22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147859 Malicious code in semantic-ui-version-cordelia-sass-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dccf8e866dc51a15bd2f8ba9b906996f178347f536942db8881cba16568692f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-149245 Malicious code in vulcan-mini-css-extract-plugin-commitlint-wasat (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fbac709081533786703a9d2c820cc05cc6e037c57d2336727371303e83624a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142471 Malicious code in figures-ignite-typeorm-grunt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba65ca8d3db100e2561aed3aa94db75191efee78aa8dc130f06a757666bd98d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-139826 Malicious code in axios-docusaurus-node-sass-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector edbb6d2fb12bad9e44295778236ba91dbbdac0b8e668c461c5030b7c439e518a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...