4175 matches found
MAL-2025-149811 Malicious code in yildun-configstore-fetch-iota (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d5eac125c5295ecf1ed43a32e19f2d93399172cfdf55b8347ed06ee886b967b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142050 Malicious code in enif-gatsby-fetch-lacerta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0de2f9b8d363ef3c5fd440250303d6b6fd6a231b41e7b92f2ab5ae9881eaa924 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-116826
Malicious code in aldebaran-fetch-node-sass-koa npm...
EUVD-2025-114402
Malicious code in dotenv-enif-carina-fetch npm...
EUVD-2025-122662
Malicious code in repository-commitlint-config-angular-fetch-xenos npm...
Malicious code in loop-ophiuchus-fetch-antares (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0506250f20544e8ea50d856e84eda191a6177d7846e809be15c6038a85dde340 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in delphinus-elara-arcturus-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40e31c55e192550433235a3c031a4cda8b30ee9f66224b49942a341e0b5a126d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-113672
Malicious code in fetch-corvus-auth-charon npm...
EUVD-2025-113655
Malicious code in fetch-quasar-jabbah-superagent npm...
Malicious code in webdriver-manager-fetch-epimetheus-dactyl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f80104e90fd19f09841b6626aaa8cbe13df52164d7956580530aabff25a1caaa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in jsonp-charon-warp-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81c33c6c2772ea53aa5ecd5175c851302123b223a7990f46762cba9948111efd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142439 Malicious code in fetch-corvus-auth-charon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de090b94808980372619b8096599353dd43a9676150155c1d8046afdbf5a8d31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dione-warp-fetch-wasat (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf8e43ad64eeff4cd931df3075d3bdd9a78a1fc7cc746534adc9f49d17a9947b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-111239
Malicious code in metalsmith-elektra-fetch-event npm...
Malicious code in fetch-husky-slides-sedna (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cb8880199d75a5db2d02dd91a1ba2e0c5eca450d26a8d696a8074ac48e4e0fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-111121
Malicious code in mini-css-extract-plugin-sedna-fetch-adonis npm...
EUVD-2025-124644
Malicious code in nashira-fetch-cressida-private npm...
EUVD-2025-113423
Malicious code in framework-oauth-postgres-fetch npm...
EUVD-2025-113673
Malicious code in fetch-cordelia-mutation-equinox npm...
EUVD-2025-111426
Malicious code in markdown-pdf-dactyl-ini-fetch npm...