Lucene search
K

8527 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:30 p.m.10 views

Malicious code in ratelimitsucks6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ebbee718bfa55eada8a2d56c9ea228e7b661364827e71995fd456027df7eedb The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/18 4:29 p.m.8 views

MAL-2026-6129 Malicious code in abuden22 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c6b2d1b9158b6a3652850cdee84fd448567fc6d8187e685ee0b85eb8d594f57 The tarball contains a static-site bundle index.html, obfuscated asset chunks, service worker sw.js, and the MercuryWorkshop/Scramjet web-proxy bundl...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:29 p.m.9 views

Malicious code in abuden22 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c6b2d1b9158b6a3652850cdee84fd448567fc6d8187e685ee0b85eb8d594f57 The tarball contains a static-site bundle index.html, obfuscated asset chunks, service worker sw.js, and the MercuryWorkshop/Scramjet web-proxy bundl...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/18 4:29 p.m.6 views

MAL-2026-6128 Malicious code in abuden218 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36e1df12b592dc442d5266d4244831fd0b6ceb94c0960a26815f5fad3246b828 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/16 11:42 p.m.8 views

MAL-2026-5938 Malicious code in speed4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0766e347295e7a13e0604a89de30f662a24b690598f1e4b01edaac5400178347 [email protected] is not a functional Node package. package.json declares main: sw.js, but sw.js is a browser ServiceWorker importScripts'./8cfc2/hgshm.js...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/06/16 7:27 p.m.8 views

MAL-2026-5916 Malicious code in nottuff25 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 238a4f56f3433bf34de372e9a26264a33e33c6bde8592ddc73594d33ab7427f0 The tarball is not a Node library. package.json declares main: sw.js with description "package" and an empty author; sw.js is a browser ServiceWorker...

6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 7:27 p.m.9 views

Malicious code in nottuff25 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 238a4f56f3433bf34de372e9a26264a33e33c6bde8592ddc73594d33ab7427f0 The tarball is not a Node library. package.json declares main: sw.js with description "package" and an empty author; sw.js is a browser ServiceWorker...

6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in got-nightwatch-despina-react-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7336b107d179e0bff64553a286b8968070d2f42a5453b4c4ffc25c5a3be02ee7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in cosmiconfig-perseus-redgiant-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8cabf74a61f50af9ee6fb8098d25d2c08526d5b73a3c74ec59e714ad4cb37b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in neptune-ganymede-thermochronology-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed4e9551588f4666d68b5184e2a3093928f49745bb6e66a6690de97e4ac938ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in lithosphere-quark-mesosphere-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e00a6e66fb35724cd066f57229bbc6ba22c9e15e1a62650e159ca4befcb76544 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in procyon-mesosphere-gemini-arcturus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1617fe95d5c3a6b0a11e412e1cc9bf89b5a7629f0457231d8eaa6e8791af360e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in runtime-stack-awk-visualize-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29f5a4b7134730bc0468b4baf98a46892732f059846e6f73260ec464ed7e041f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in sudo-reject-mu-proxy-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71bd21ebc82601b1500c1ec0b38beaf261822f483579359312b433a31d3a139a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in redis-astrophysics-astrophysics-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1333edb4716edb56d7bfad2d798c5bbde5a257033d88551200e6b6ea7bb504e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in library-kronos-start-ceres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 809337d37e779bd9ce52e2cddd68c7fa1c0fb249e9ba2dc8d1c9655e1e3eea5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in gemini-dactyl-archaeogenetics-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 024021df6c02db9e21ee90ac2aa96821f37266ff503afc54cb6f404fd6724214 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.10 views

Malicious code in cressida-jwt-loglevel-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c579391a28b717cc3bab01d83cefe0a9573ccb0c4b8dee4c27e98fcb9b1adac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in delphinus-run-script-deneb-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1febe7fd885b5c966dc69cd19fd2a810edb9ee8173ed44297bdffb35acb7f615 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in mira-pegasus-helios-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 422ee9120420e94cb81c3c676cad475d315c805d919357d1d22ec34494a7a034 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder