104 matches found
148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet
A campaign of 148 npm packages disguised as student web proxies turned visitors' browsers into a distributed denial-of-service botnet for roughly two weeks in May, according to new research from JFrog. The packages did not go after the developers who might install them. The operators used the...
EUVD-2025-117289
Malicious code in international-amaranth-booby npm...
EUVD-2025-117183
Malicious code in other-plum-booby npm...
Malicious code in loyal_booby_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9697e97da4254e03b70bdde7dde756c4691f1c42f5a7e975f9d7cbc7a2d212a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-104511
Malicious code in indirectboobyz3n npm...
Malicious code in harsh_booby_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0dffb13d9773311061773cfb3edecc579b5537fbe87dfbf05b72e44daf644932 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-104745
Malicious code in harshboobyz3n npm...
EUVD-2025-94311
Malicious code in verticalboobyz3n npm...
EUVD-2025-96695
Malicious code in luckyboobyz3n npm...
MAL-2025-123989 Malicious code in vertical_booby_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6027cb201b1d67e88887a6468ec03658614337404b3acab66397167b4faee78f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-89006
Malicious code in rubberboobyz3n npm...
EUVD-2025-75338
Malicious code in unpleasantbooby-smiletea npm...
EUVD-2025-77414
Malicious code in bravebooby-appteadev npm...
Malicious code in thirsty_booby-silentdev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1440f2607031a1cd0f574cf9bf1c047c68fbcd093677d6dd327f7307ca65d2c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-100083 Malicious code in brave_booby-appteadev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d1afd2e04705548b79b3516eda579e04bd49f9d54fac21a43ca78ff2450e3b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-78580
Malicious code in preliminaryboobyz3n npm...
EUVD-2025-79115
Malicious code in hardboobyz3n npm...
Malicious code in protective_booby_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71d52823d0276c27773e06477131cd24c5b22483e4198b212f15f21379edf368 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-81483
Malicious code in itchybooby0xrequest npm...
EUVD-2025-82071
Malicious code in embarrassingbooby0xrequest npm...