241 matches found
EUVD-2025-112467
Malicious code in inquirer-duplex-process-hyperion npm...
EUVD-2025-112367
Malicious code in iota-umbriel-duplex-selenium npm...
EUVD-2025-112294
Malicious code in janus-meissa-duplex-airbnb npm...
Malicious code in atlas-duplex-astro-spectron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba777d8a797ecbd56772ba0ed6f122615394e758366f76afb97e132efb482194 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in config-proxima-duplex-adonis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd0d5e9cb5983b4c6c0b159ad8e6bd1605cfbb77d5568ccef57bc450516295bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cygnus-ini-duplex-eris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57b52fe76d9e5026fde08f9e1d6eb70e48547f0d6ff62a3d66b10fce1d7024f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dotenv-umbra-duplex-proxima (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e7856ae4344190b8cebd05e3bc90206bc14a97511ec4db990ba37d2fe943a29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in duplex-babel-npm-jsonp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fe1d62d8945bed9474281bed75b3cef1cdb2f36be4c2dab9212839a18f37a18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in duplex-browserify-magellan-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac7466a01a5be6f74833c766c462326c87f8675e1a5883a6027ac90454c2d797 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in duplex-vuepress-ini-nightwatch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8a17ac0306d65a92bb6331bba707a8b9b14665480db55f8345b768c957e75f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in duplex-winston-loop-hyperion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74a43e2d71c5eae6cd6f7c189f43194e31c47478b8fe2987a3495d58736c1caa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eris-duplex-firebase-eslint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 915b388b7f76911b853fb6047f3e4f4e11e927e0aa88842e90a0790a39b30f5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in geckodriver-magellan-csv-duplex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0dcb5295e48d36097f3e9d17b0d1580795374421d507e8f84f0bc5acb818b7ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in grus-barnard-algol-duplex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9a41843bb97afd8f42d65fdb530b4f04cdbf9e62375b7e006bad94d857d4c37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hydra-duplex-ursa-less (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6937793f75424fe2d5f90958bdbbc1a856bd441f4ed9d7ca875e9d24f80bbf65 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ini-duplex-mini-css-extract-plugin-stream (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca689f742b94ba4a8fd5eb5c63fabe4993fa211a15abc1805caa3180a7eb351c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in inquirer-duplex-process-hyperion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 915e7cbf95b48a2c8efed1a02fed0f77e49a42ae939fae8791389eff9a7ab0ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in janus-meissa-duplex-airbnb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57e7a4039a5d6413d95e4eae7fb97136fe2aea00c3a1fe6fededc4daff50e582 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nconf-alphard-electron-duplex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f56efbf37a7c3c9f8f377dd8543c4fb306af60ce943f5db4d631ad8a3ddc5a3e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in pulsar-duplex-chakra-ui-equinox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 475125da4e180577d2f6485fc6337dd3a6e8b9207f29411adea8142ac112a81c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...