241 matches found
EUVD-2025-124360
Malicious code in nodejs-dependencies-unuk-duplex npm...
EUVD-2025-114299
Malicious code in duplex-gridsome-antares-express npm...
EUVD-2025-113448
Malicious code in foundation-adonis-duplex-bootstrap npm...
MAL-2025-139825 Malicious code in axios-despina-karma-duplex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8151d5ca59d464e012a81354c3926da139a00a0f8ecf51fe736ffc94d0ebf35a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147071 Malicious code in react-bootstrap-polaris-prompts-duplex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70ab5c4a923aa2e466ecbc96e0eac3c8a5009b0e4895c85f60cfa56187d7f5e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142094 Malicious code in epimetheus-fomalhaut-got-duplex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 088d7d122940c41b02e3cdeb1474049e7ce9455ae8c61523e12a292449e04400 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141812 Malicious code in duplex-jekyll-janus-postcss-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e5d9eef64606b70b321ce6c4a064af57dcc5d305c662934213156fc9a822c73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145813 Malicious code in ophiuchus-duplex-koa-json (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 026985088b076b41d3553a135400fe4e6195e5a076210af526056f647ef5ba1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141820 Malicious code in duplex-sequelize-blitz-odin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f2346b0bf4861676926585e3f847208430f9349ab412d1fe2e14790ddaa9c9c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141822 Malicious code in duplex-winston-loop-hyperion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74a43e2d71c5eae6cd6f7c189f43194e31c47478b8fe2987a3495d58736c1caa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141815 Malicious code in duplex-lyra-ganymede-mysql (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6181a01a81a8c552364326cd66c46972737bab6c3ec6343db604561f155826d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in inquirer-duplex-process-hyperion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 915e7cbf95b48a2c8efed1a02fed0f77e49a42ae939fae8791389eff9a7ab0ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in grus-barnard-algol-duplex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9a41843bb97afd8f42d65fdb530b4f04cdbf9e62375b7e006bad94d857d4c37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-112367
Malicious code in iota-umbriel-duplex-selenium npm...
MAL-2025-141810 Malicious code in duplex-gridsome-antares-express (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05ebe8ecc207c1773caf691799f0028ead9f4ce74df00b2bed7ca7bb70dd6e88 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141785 Malicious code in dotenv-umbra-duplex-proxima (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e7856ae4344190b8cebd05e3bc90206bc14a97511ec4db990ba37d2fe943a29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141036 Malicious code in config-proxima-duplex-adonis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd0d5e9cb5983b4c6c0b159ad8e6bd1605cfbb77d5568ccef57bc450516295bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141804 Malicious code in duplex-browserify-magellan-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac7466a01a5be6f74833c766c462326c87f8675e1a5883a6027ac90454c2d797 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145769 Malicious code in octans-duplex-protractor-thuban (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 325c46227e7549eef871805090f80ca444787dccb12bc4f3e8e48f8bd1393053 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-114300
Malicious code in duplex-galaxy-postgres-bellatrix npm...