8527 matches found
Malicious code in ratelimitsucks6 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ebbee718bfa55eada8a2d56c9ea228e7b661364827e71995fd456027df7eedb The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
MAL-2026-6129 Malicious code in abuden22 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c6b2d1b9158b6a3652850cdee84fd448567fc6d8187e685ee0b85eb8d594f57 The tarball contains a static-site bundle index.html, obfuscated asset chunks, service worker sw.js, and the MercuryWorkshop/Scramjet web-proxy bundl...
Malicious code in abuden22 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c6b2d1b9158b6a3652850cdee84fd448567fc6d8187e685ee0b85eb8d594f57 The tarball contains a static-site bundle index.html, obfuscated asset chunks, service worker sw.js, and the MercuryWorkshop/Scramjet web-proxy bundl...
MAL-2026-6128 Malicious code in abuden218 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36e1df12b592dc442d5266d4244831fd0b6ceb94c0960a26815f5fad3246b828 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
MAL-2026-5938 Malicious code in speed4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0766e347295e7a13e0604a89de30f662a24b690598f1e4b01edaac5400178347 [email protected] is not a functional Node package. package.json declares main: sw.js, but sw.js is a browser ServiceWorker importScripts'./8cfc2/hgshm.js...
MAL-2026-5916 Malicious code in nottuff25 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 238a4f56f3433bf34de372e9a26264a33e33c6bde8592ddc73594d33ab7427f0 The tarball is not a Node library. package.json declares main: sw.js with description "package" and an empty author; sw.js is a browser ServiceWorker...
Malicious code in nottuff25 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 238a4f56f3433bf34de372e9a26264a33e33c6bde8592ddc73594d33ab7427f0 The tarball is not a Node library. package.json declares main: sw.js with description "package" and an empty author; sw.js is a browser ServiceWorker...
Malicious code in got-nightwatch-despina-react-bootstrap (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7336b107d179e0bff64553a286b8968070d2f42a5453b4c4ffc25c5a3be02ee7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cosmiconfig-perseus-redgiant-apollo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8cabf74a61f50af9ee6fb8098d25d2c08526d5b73a3c74ec59e714ad4cb37b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in neptune-ganymede-thermochronology-got (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed4e9551588f4666d68b5184e2a3093928f49745bb6e66a6690de97e4ac938ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lithosphere-quark-mesosphere-cache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e00a6e66fb35724cd066f57229bbc6ba22c9e15e1a62650e159ca4befcb76544 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in procyon-mesosphere-gemini-arcturus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1617fe95d5c3a6b0a11e412e1cc9bf89b5a7629f0457231d8eaa6e8791af360e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in runtime-stack-awk-visualize-monitor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29f5a4b7134730bc0468b4baf98a46892732f059846e6f73260ec464ed7e041f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sudo-reject-mu-proxy-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71bd21ebc82601b1500c1ec0b38beaf261822f483579359312b433a31d3a139a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cressida-jwt-loglevel-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c579391a28b717cc3bab01d83cefe0a9573ccb0c4b8dee4c27e98fcb9b1adac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in delphinus-run-script-deneb-query (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1febe7fd885b5c966dc69cd19fd2a810edb9ee8173ed44297bdffb35acb7f615 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mira-pegasus-helios-command (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 422ee9120420e94cb81c3c676cad475d315c805d919357d1d22ec34494a7a034 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nebula-lyra-astrophysics-backend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87731194882f0a9904a010dc5c887ceff5fea966c6f645da196e94537a27f879 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in node-sass-commitlint-lynx-public (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb7d81eb99a4b615630e9110e9e4e09cc3bdc9fe3ab07efd0d8b6117778b75e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in express-proxima-websockets-leda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ee0a304fa501650f89077e1daec98bbd0bb5ef6a4cceac9cecb13c6ac45490f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...