194 matches found
MAL-2026-4508 Malicious code in cdk-insights (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa41acb776dbedfe93c37899783a5e54b78017ac31576c798a27eae6b9e9ec89 The package contains code in dist/entry.js and dist/index.js that invokes npm publish programmatically combined with writeFileSync operations — the...
Malicious code in easy-link-authorize-simple-view (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 265547bf1390cb037550762c5d301a6413a77ea318a92378edf2e5eca552e38d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in isostasy-ganymede-archaeogenetics-markdown (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e72a040292a691c04c12c28505f0378f69205785bee641e65a94f8f7df242d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in old-string-protected-omega-decode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94b4c6b9e02ae8116c384e78de29b120b55757d7fc40c59281afe45f6917f764 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186632 Malicious code in double-file-encode-moon-virtualize (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f10f8c7b46a34fb8cd76f802a955287a6e735d17496a721553248f24725219d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187330 Malicious code in helmet-supercluster-release-it-technosignature (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c7a022452e3dc430840391ae69399409360dc46577b5416d489a22c8a8fdbe1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in inda-fodj-guofagipa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39e7719553c5cf6f0341c98c3fd8a57ae4c03ddb17312f63a6437a776035951c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lomi-fuis-fangsso (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4d5ffedb1d607f05ed04954e46756f409d3c871fd0fd8cbc3f66707369efd05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in masolv-avilo-civbu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68f03d3a93ae2c598885dd37363241a88a780dd0b7a3bcf86bdcd9b364bbdc74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in oloc-uyg-ugaoyui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbc6e2ad948665d1cb006fbf4ae6b4793637657f65325bd937583bd9b47dd5e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-184594 Malicious code in odasv-kiuu-bofafni (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17f0b7466dcc79b06f8df59c8efd66a112372ebbc034e0507cb5feb69dcbf40c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-182979 Malicious code in itale-dci-fyejsyegf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d5edacac1b2d3c284afa3133e7650c55d579e3a2cbe8f1157da0833805b470a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-183113 Malicious code in item-ati-zpjozakuika (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a01e48f83d0237621895ffc23789a4c79e696832f7b557e4b5ce0aae5f40559 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in teate-thy-sonic-vuasi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdd5adc216b69f7aafe4e8d288ca88305f58821c07e0796d8770ea300d6b95e3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in @mipta1/esdsras (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aac5d78566a2584bca860e34775024486c14a65a86cef77acd75ed49bfac9a0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in butanah-fipmaofha-hfuh (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1006b295de91dfd1dd379f7c0388b6f6ec9abbc70bd890b7b5467a64d02941b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in polymer-aia-afafafyag (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bddf33e01f0892dd07945df012160a0e785a29089fce05993e947c63322d7825 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in polymer-tyud-reua (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9f36b404ae3c434d391f9f338c51be9a5aa4a0aea91053c5d5ac7d9640aa486 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rindaman-poke13 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 874734288fd33307686d92c862dbf2db92bf6c3b2750924c38811e5b8c87bd19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-177030 Malicious code in nuyar-adamair-taqaaibbog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a18634152b86c403281e4bae99c37e5e87f97a49358a256ba4ace638998bd2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...