Malicious Package

Overview github.com/BufferZoneCorp/go-envconfig is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a cluste...

MAL-2026-3621 Malicious code in github.com/BufferZoneCorp/go-envconfig (Go)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...

EUVD-2025-179111

Malicious code in envconfig-apollo-dependencies-update npm...

MAL-2025-189665 Malicious code in steganography-aether-on-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a82bcf9484d0efd576c49a8f70274e7b0f9d424b9ac8f7f2c024d1aa3911a92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186772 Malicious code in envconfig-dotenv-safe-middleware-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bb6d3787cd8e826342e1a35672bcd802bf1f5e183672c196cde0b5b219fdc13 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in draco-quasarjet-envconfig-technocracy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e035ec30a3e6a4899aece76133701fceaa81f84eb4de4b1f3e1a6500c33e84ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179106

Malicious code in envconfig-sociobiology-palynology-meissa npm...

EUVD-2025-178730

Malicious code in geoarchaeology-ethology-command-envconfig npm...

Malicious code in geoarchaeology-ethology-command-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2db2f59e4b91cb512a2a65d44d236eaabab0e3ff8a963c974dd532a51df602e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176440

Malicious code in selenology-dione-envconfig-avior npm...

EUVD-2025-179109

Malicious code in envconfig-fornax-void-duplex npm...

EUVD-2025-179015

Malicious code in europa-betelgeuse-scorpius-envconfig npm...

EUVD-2025-178912

Malicious code in figures-proxima-sedna-envconfig npm...

EUVD-2025-177144

Malicious code in planckscale-ora-envconfig-antares npm...

EUVD-2025-179110

Malicious code in envconfig-dotenv-safe-middleware-javascript npm...

EUVD-2025-177758

Malicious code in morgan-magellan-public-envconfig npm...

MAL-2025-185834 Malicious code in biosignature-spawn-slidev-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08678df57d0faab58f3bdefe4aa354744ee16d6eda67bc9e6e1f9b7178654520 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-180169

Malicious code in axios-envconfig-antimatter-xenos npm...

EUVD-2025-177860

Malicious code in meteor-envconfig-quito-singularitarianism npm...

EUVD-2025-179453

Malicious code in csv-envconfig-achernar-stratigraphy npm...