2 matches found
Malicious code in equivalent-rose-caterpillar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7da82e72c4315d982aee6aeab4fd387972ed302aaf02618d128a4aa8a3819d52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-54576
Malicious code in equivalent-rose-caterpillar npm...