17 matches found
Malicious Package
Overview spr-i18n-labels is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in merchservicingnodeserv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a4eacdccf8a177ac402bd5896b3033df07685cd3e951476d1e28e341e8e74b4 The package merchservicingnodeserv was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in sabua-muyafig-budafauaffu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 571b0c4777b12e0ee5833f3dc3970eead5ecd2bda6ec892390b044e93a06a000 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in uyifiua-tut-da (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81520b4ac758ea8cd6c0abdf77fa823e36fd11ddbb85ed21117baad312470153 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164760 Malicious code in rinto-poke107 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05e89a5f3483fc7791d933594c516e77a1e6fce3094b02ad7b2aa069883a7dcd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in vega-chariklo-oberon-scripts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e097682e36630b237386c15288de031a936baf46e72c3942302e068560fcf01d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in farout-supervisor-phoebe-umbra (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f7f56182fb0508ccdcfa89d6395ddf24d4f32bb251f2ace9a58c29d899b8d89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145948 Malicious code in parcel-async-ophiuchus-ganymede (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89f6372ad132250ecbeb525e54adf13c404c2ecbfdb13bc67991250bf8c0b04b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-101200 Malicious code in dangerous_anglerfish_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4040f5b10ea0b7cd3a46afa5c8edf93462f8ce24773250101c98353b1c8e7ff0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-100427 Malicious code in cici-klentik61-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2965c61460bcd03101ba0e0c9d1d16483f67fe1457f2a21cd3ff894cff85d78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in amateur-emerald-weasel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfc2621858e11d12c9bb8619ecccef4077a0d93b1ad0f8231c9464333cdf0c73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-69118 Malicious code in lesser-turquoise-panda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 975e41ce985e02974fbc00a6671cefe7fcb8972a7b5e75d385613da6ced25311 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tomi-sroto22-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe2d43adca76572a47e76ab1e9fd7a3a7e4edf4dd95ec13ad0868e8a98284546 The package tomi-sroto22-ruro was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...
Malicious code in npmrunnode-fetch-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 74027deb8f96cb586a9b82484dbb7818ccfbbfdd2147a05fdae660aad4211e53 The OpenSSF Package Analysis project identified 'npmrunnode-fetch-test' @ 1337.1.0 npm as malicious. It is considered malicious because: - The...
Malicious code in db-prd (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fdfa8c0490d93357820e77f9a51a08b6c15f03a8ee291c238c1960064b545e55 Any computer that has this package installed or running should be considered...
Malicious code in coloramaz (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in wlwz-2312-5906 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d493de2ab123f058c0e83e6f4967fc3ba42f5c91263eec624060b1078f0ffe1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...