MAL-2025-149787 Malicious code in yaml-eslint-eslint-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af85ec1905427d26a8cb76ef206a0a384fba45266e161ae68cd007fa65ede164 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tuti-tahutek42-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b471996c4bbf00ba12f110ac1339bb5ebc60678705d32545c8dd239e57c69eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-77360 Malicious code in clear_cattle_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3138a18011821c77683c969053fdf6a46fde89cc3f3b7bed236a8f30e8385cb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-82668 Malicious code in zain-gorengan79-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cacd1077fe709eb2472d85757c334b2691d7601764e260d7f81b2680c1fdb98 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

LodaRAT Malware Resurfaces with New Variants Employing Updated Functionalities

The LodaRAT malware has resurfaced with new variants that are being deployed in conjunction with other sophisticated malware, such as RedLine Stealer and Neshta. "The ease of access to its source code makes LodaRAT an attractive tool for any threat actor who is interested in its capabilities,"...