Malicious Package

Overview github.com/BufferZoneCorp/go-envconfig is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a cluste...

MAL-2026-3621 Malicious code in github.com/BufferZoneCorp/go-envconfig (Go)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...

EUVD-2025-178912

Malicious code in figures-proxima-sedna-envconfig npm...

EUVD-2025-178730

Malicious code in geoarchaeology-ethology-command-envconfig npm...

Malicious code in envconfig-apollo-dependencies-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc6efee11ebc8382fbece0fc1803392ff0837ae4af2341841d4b417793e252fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176210

Malicious code in steganography-aether-on-envconfig npm...

Malicious code in draco-quasarjet-envconfig-technocracy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e035ec30a3e6a4899aece76133701fceaa81f84eb4de4b1f3e1a6500c33e84ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179110

Malicious code in envconfig-dotenv-safe-middleware-javascript npm...

MAL-2025-189665 Malicious code in steganography-aether-on-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a82bcf9484d0efd576c49a8f70274e7b0f9d424b9ac8f7f2c024d1aa3911a92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-180169

Malicious code in axios-envconfig-antimatter-xenos npm...

EUVD-2025-179109

Malicious code in envconfig-fornax-void-duplex npm...

MAL-2025-185442 Malicious code in alphard-mui-gatsby-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cb3005addfce76c80633ae60df973892cc0a170579a5315c529dcf35c96059a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177758

Malicious code in morgan-magellan-public-envconfig npm...

EUVD-2025-179108

Malicious code in envconfig-passport-charon-hermes npm...

EUVD-2025-180446

Malicious code in alphard-mui-gatsby-envconfig npm...

MAL-2025-187152 Malicious code in geoarchaeology-ethology-command-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2db2f59e4b91cb512a2a65d44d236eaabab0e3ff8a963c974dd532a51df602e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185834 Malicious code in biosignature-spawn-slidev-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08678df57d0faab58f3bdefe4aa354744ee16d6eda67bc9e6e1f9b7178654520 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177135

Malicious code in planetology-virgo-archaeometry-envconfig npm...

EUVD-2025-179453

Malicious code in csv-envconfig-achernar-stratigraphy npm...

EUVD-2025-176440

Malicious code in selenology-dione-envconfig-avior npm...