289 matches found
Malicious code in dotenv-hexo-apollo-cryonics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199267a35ed5937ef5f63c6920324dae39fe64bc54a1dd7c5dc19a3157ede4a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178530
Malicious code in hexo-duplex-xenos-bootstrap npm...
EUVD-2025-178526
Malicious code in hexo-restart-farout-sync npm...
MAL-2025-187350 Malicious code in hexo-boson-charon-framework (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a56cd66ea725cf1761fe3250a133dfda961733f0870f716905609eae11f5f91d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178141
Malicious code in lepton-cache-soap-hexo npm...
EUVD-2025-180068
Malicious code in biohacking-hexo-nebula-non-blocking npm...
MAL-2025-188306 Malicious code in node-config-hexo-version-indus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e9b65b9b8c11b124be12acd58301b389aedba3ac28ad6ab66fcf6f4ac2a0a2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187165 Malicious code in geodynamo-stop-hexo-markdown-pdf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eca0a2915c66dd42a7b4e7dd744b1a10f4f2a0085b8213be501a8ef39cde5d35 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188323 Malicious code in node-sass-slides-koa-hexo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3d901b770938de6417077db7f0e64048574068406c7bf11efcce84fe61d1993 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187356 Malicious code in hexo-restart-farout-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5247e16048caf71cba989ce7d7576f498fa66a44e6060ab73d416196f8e68e95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187355 Malicious code in hexo-publish-hexo-xo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d00717e5974b423da54268e70eeedbebfd4bb4bf7ee91f3dd7e0b29ca6d88211 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187741 Malicious code in lepton-cache-soap-hexo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 540a8b1aab1653ea9186f5db7ed0ff5ad6f8e7fb307f940830c94da18ed1a149 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-175740
Malicious code in vega-toml-hexo-quito npm...
EUVD-2025-116181
Malicious code in bellatrix-aldebaran-hexo-prettier npm...
EUVD-2025-113247
Malicious code in geckodriver-hexo-node-config-element-ui npm...
Malicious code in tethys-non-blocking-hexo-spinner (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d885f6678a047d144fa23ca12189e3691db1ed724e104927120acef8a43c47e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-112774
Malicious code in hexo-child-process-chromedriver-jupiter npm...
Malicious code in hexo-csrf-slides-install (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4060512652c1775f10dad8705e2c562273f340ce3d86a7b19b503e23e9b2928f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-113213
Malicious code in gemini-hexo-blaze-slidev npm...
EUVD-2025-123109
Malicious code in publish-shelljs-hexo-css-loader npm...