289 matches found
EUVD-2025-175931
Malicious code in toml-apollo-materialize-hexo npm...
Malicious code in dorado-hexo-sqlite-postcss-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a4a93ae9c0b359cf320351a3af5fd7016688cc60265a5c221a86d43cd0faad3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187354 Malicious code in hexo-phenomic-odin-element-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e24f316c2017efbe3858a178ba430fa5b15695ba388d42bc7350613d60c043be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187355 Malicious code in hexo-publish-hexo-xo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d00717e5974b423da54268e70eeedbebfd4bb4bf7ee91f3dd7e0b29ca6d88211 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in geodynamo-stop-hexo-markdown-pdf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eca0a2915c66dd42a7b4e7dd744b1a10f4f2a0085b8213be501a8ef39cde5d35 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in biohacking-hexo-nebula-non-blocking (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 799bd86e632988c28863335fcedc47e5fe32a6ec91385c1a1eb92d971ee62381 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hexo-boson-charon-framework (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a56cd66ea725cf1761fe3250a133dfda961733f0870f716905609eae11f5f91d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177576
Malicious code in node-config-hexo-version-indus npm...
EUVD-2025-177109
Malicious code in polaris-playwright-optimize-css-assets-webpack-plugin-hexo npm...
EUVD-2025-175410
Malicious code in zephyr-local-hexo-meteor npm...
EUVD-2025-175740
Malicious code in vega-toml-hexo-quito npm...
EUVD-2025-179270
Malicious code in dotenv-hexo-apollo-cryonics npm...
EUVD-2025-178526
Malicious code in hexo-restart-farout-sync npm...
EUVD-2025-178141
Malicious code in lepton-cache-soap-hexo npm...
EUVD-2025-178528
Malicious code in hexo-phenomic-odin-element-ui npm...
EUVD-2025-178529
Malicious code in hexo-interstellarmedium-spinner-less npm...
EUVD-2025-179253
Malicious code in dotenv-semantic-ui-fusion-hexo npm...
EUVD-2025-178532
Malicious code in hexo-boson-charon-framework npm...
EUVD-2025-179188
Malicious code in elara-hexo-postgres-astrochemistry npm...
MAL-2025-186612 Malicious code in dotenv-hexo-apollo-cryonics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199267a35ed5937ef5f63c6920324dae39fe64bc54a1dd7c5dc19a3157ede4a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...