Lucene search
K

9643 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.12 views

Malicious code in leo-connector-mysql (npm)

The leo-connector-mysql npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in quantum-computing-less-loader-mensa-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eefb4c011996c06f58eda7e1840993e823cf3eddca4bdc92a366643fbc9da57c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in chalk-resonance-triton-mineralogy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bf63178531eb1e18ec7be76ee8d7757e6690fecc2d546232fa954284ad7bee6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-185490 Malicious code in apex-fork-jupiter-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27abde9d095ffe2c468fec2bb75102133f4803428db20e669e77b0057e79fd5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-188486 Malicious code in oscillation-readable-supernova-karma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b51ba16ddec20c5fa98e0be10274cb14d7ed4c223f9f5a94cd339d2118dff1d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-186319 Malicious code in cors-standard-epimetheus-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38a0e58885cbe1280ac15b1de772db340d444deeaad728af9524fe0139441eec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.5 views

MAL-2025-186412 Malicious code in csrf-relay-miranda-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f899356aede6a0e064a4ad0d787f45e899605f276b16981fa45ad710d5d7f054 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.1 views

MAL-2025-187929 Malicious code in markdown-paleontology-antares-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d46395b1e046730a6f0bddc7e1f77cbf6bb8fdaa009f76bf1a87f5c99f0bd3b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.1 views

MAL-2025-186687 Malicious code in eigenstate-gravitationalwave-config-ora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1ac45b72547ad9810a75d1263cb7b9a765a2eb4ffc477983e5b99f4890b2e1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-189565 Malicious code in socket-decrypt-tau-big-compress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 849529486d9d0d589a18e25c834f7a59aeec5d0fbfd60317298188a31ea6ec62 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-186519 Malicious code in deimos-polaris-gridsome-magellan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2d7daf5a58341775641235bf8ae1045625d4dfe06b3b0772252ddf9a2d15bd0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.5 views

MAL-2025-186360 Malicious code in cosmos-framework-gacrux-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cd2a9d5b7263324033c43fd921ffc4f87609c2d056fd9ab0813eb4da595dcfd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-186314 Malicious code in coronalmassejection-sirius-morgan-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d80a0fc837162df43771bbbaa03d52e4c3a0b2bb5a2cc9e42a63ae33dfe82d0b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-185853 Malicious code in blaze-figures-auth0-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 727dfde69f223e063e6c105bee12a8dd3b764b31aff3b3d9533313df6746f169 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-190190 Malicious code in vuepress-centauri-transhumanism-astrobiology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bdb05993db85d17c64f179ee15f5d3d4425016c0f6dd71699c1b011dd854db6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.5 views

MAL-2025-187082 Malicious code in gacrux-farout-publish-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 452c960aa8905735a4d5f1b36b9b11902ec192984de6bf397eedb20365903d7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in yakutsk-luna-nova-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1247a887e7b5c2f9fd964d4f486657e8b0b2f0cb3db19d32b6971e95515ac6f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in child-process-stratigraphy-subduction-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e7c49dd3945225b658c5a51f33c18f72ccbb43fd246685797fce72947468f0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in cressida-indus-epimetheus-borealis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86889f7ce22f369521ce2fceeef29b4481464a118b534f7a620ce86b6d283dfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in sedna-semantic-release-meissa-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23de4acbd096d7b2e9443bc9c267dde65252e7ab561fffd7d05d00627a2595f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder