MAL-2025-117562 Malicious code in tuti-soto46-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20c1645bd7a7eba5ecf1fdb23a44d5ffe73d31df3412053a255dd259cc6f8297 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-114816 Malicious code in insufficient_lemming_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33a433ecc7d8a6798cd48724ca7a8615426c482de3fea6ecf8c482983c7c259b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-115536 Malicious code in lisa-rangi4-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6fbda7d04aa1719301445f729ce3e1bb4ded6dd95980f9e7897a9b001050ced This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-114305 Malicious code in gita-menjes68-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e57598ee5adaa4a954e9a31fd91bf30f1ded69982b4c977117ef9472fba96258 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-116840 Malicious code in rina-peyek30-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 743fae8f8e5bd50bf030539abfcb20913360dd83d29d390daa41162063ddfe3c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-116874 Malicious code in royal_eagle_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc60cb692bb3ab80de0181cab30795a9e91e2dd8fee8786419e54425a16f4c31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

microcode_ctl: From CVEorg collector

New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...

MAL-2025-112061 Malicious code in liberal_takin_indigo-2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bab7807a5edc123a5a99e4a73664ed7e94887707ca08c08eb60d94c994d03433 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-111679 Malicious code in available_silverfish_rose-34 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e703e9df46187f71eef472625c1cf9563ccf8f461536efc46ad931285fb9a685 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112075 Malicious code in magnetic_skink_azure-31 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dac7d52f4e7c2d3e237892f091f2b6f8c47768d6250eb7516a0ef36c530885d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bad_aphid_plum-2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e0fe7baa2007bf9a7e0a1a4166e476e0ce8f742a791fe0d66bf0c48c2b2803e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chubby_earwig_jade-7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54ec82bc50f662554549e87b96539d007d2db1971a5c007001a2e65ec4fd4fa0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eerie_snake_brown-35 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a323ed24d23b218d3f0e311d99dc4dbfbd4a0d64bbe6f7c1866033e0b06aabe8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in exciting_reindeer_maroon-48 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b20ba6a0945c706c17c8f760319cf405594d940c6375b9bf33b7a162c55747b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in minimum_bee_sapphire-6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f658b25800eadf90b920958a64ee863a4b5d6a584fb033be800a5f6c28bcfed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nutty_lobster_beige-78 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c14aa2a8b0891e0cab78c3799e5e13d6681662766c5016d192be0d4dbca77342 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in special_slug_orange-76 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b826c861c7d3b49ddac8ff853f6e5ab5ba46f4a5c9b2ef6e47e499b3a9d86e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tame_pinniped_ivory-92 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 436b3cf44c0283fbae1345353a9266a91199527545c9ba3a35e2e1469aa9f35a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in managerial_squirrel_olive-93 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65e95dfac9e1c303bbad2947faf75fcc099761b66d70f93780fb7c02a97af9a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-111884 Malicious code in extraordinary_ant_cyan-53 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e944c5b890c2a9da85272b67ae1c5def5716df4cf5f4f8fc2d294a58c338b753 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...