281 matches found
When the Abyss Looks Back: Unveiling Evolving Dark Patterns in Cookie Consent Banners
To comply with data protection regulations such as the EU General Data Protection Regulation GDPR and the California Consumer Privacy Act CCPA, websites widely deploy cookie consent banners to collect users' privacy preferences. In practice, however, these interfaces often embed dark patterns tha...
EUVD-2025-179808
Malicious code in ceres-redis-umbra-terser-webpack-plugin npm...
EUVD-2025-175837
Malicious code in umbra-iota-graphql-callback npm...
EUVD-2025-175840
Malicious code in umbra-australis-dotenv-safe-google npm...
EUVD-2025-175541
Malicious code in winston-leda-mesosphere-umbra npm...
EUVD-2025-175839
Malicious code in umbra-enif-sirius-lightyear npm...
EUVD-2025-175835
Malicious code in umbra-mensa-bunyan-non-blocking npm...
EUVD-2025-177011
Malicious code in promise-umbra-css-loader-postcss-loader npm...
Malicious code in cygnus-umbra-webdriver-mocha-docusaurus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 314812afef770b2c68933860419ecd93f198f59bd1b7fbef389f9ff3aeb0ab01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178346
Malicious code in iota-framework-umbra-uranology npm...
Malicious code in sirius-stop-umbra-spawn (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e55a14a033b2c4791dbf3754b9d92b6fe7fba60595a0c5234a281f5b9d0c6b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in server-nebula-cosmiconfig-umbra (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d990e48bbacd130f5620b5b20983fbbc4001f0ff552a7c6e169141a13af346c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-180274
Malicious code in async-cressida-umbra-vuepress npm...
EUVD-2025-175983
Malicious code in test-umbra-elektra-update npm...
EUVD-2025-175836
Malicious code in umbra-jekyll-foundation-graphql npm...
EUVD-2025-179061
Malicious code in eris-umbra-dotenv-scorpius npm...
EUVD-2025-176412
Malicious code in server-nebula-cosmiconfig-umbra npm...
Malicious code in test-umbra-elektra-update (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c07c4a11aad899f56c47c7827672845788d476dc8632cfa2e8e99790f69a765 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-179912
Malicious code in cache-umbra-geoarchaeology-server npm...
EUVD-2025-180221
Malicious code in auth0-sociobiology-apollo-umbra npm...