7 matches found
EUVD-2025-121818
Malicious code in spawn-tool-concurrently-umbra npm...
MAL-2025-146162 Malicious code in phoebe-metalsmith-css-minimizer-webpack-plugin-umbra (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c7758742d6ce3f84c41f899059c9fa2f6d10ec4d81abe2446f4316493355a77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-121014
Malicious code in umbra-browserify-enif-jsonp npm...
EUVD-2025-121001
Malicious code in umbra-nodejs-nestjs-node-config npm...
EUVD-2025-120997
Malicious code in umbra-package-phoebe-version npm...
Malicious code in umbra-metalsmith-hermes-perseus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efbd93e95ea1a4a643c5056c08bcede32284315366dcdf316f1b9da9df3b55c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in com.unity.modules.umbra (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 028143de47ffc6a595c77b27b5dccb7b193613f13c80f4a3c74eba446ecffd18 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...