21 matches found
Malicious code in nw-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e3ff057a42800ad78024ac1c48e0d6fbf9c828eb828a41e6737c32b6174ce8c Package is published publicly on npm at version 100.20.33 — a version-number shape used in dependency-confusion attacks to outrank private internal...
MAL-2026-4624 Malicious code in nw-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e3ff057a42800ad78024ac1c48e0d6fbf9c828eb828a41e6737c32b6174ce8c Package is published publicly on npm at version 100.20.33 — a version-number shape used in dependency-confusion attacks to outrank private internal...
Malicious code in locale-loader-pro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cfe4223d443a4180a9c6113449817f38d1d72fcd6f2f4cb42525dcb391c82b5 The package locale-loader-pro was found to contain malicious code. Source: ghsa-malware...
MAL-2025-187758 Malicious code in less-loader-rocket-adonis-kronos (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb348d5f9f6c382b7097d3a12d16dbd64c584ad9d700b67e646aaaba37f84a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in less-loader-grus-void-biosignature (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99eb889dc1cf69b2085a517f688f0af0a888445aef6063056bcdef36537a018d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-122854
Malicious code in react-bootstrap-native-rehype-style-loader npm...
MAL-2025-141309 Malicious code in css-loader-octans-acamar-colors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b5a0eb27ce8f5a2dfcaca555b902c33e0adef4bc2fe29a0608fab6b0b3a2244 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146343 Malicious code in polaris-galaxy-dione-css-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fe89b18978b330a37b7d1dbdf56eadbf5e873ddc9b39a4676a80187c71923c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in css-loader-soap-elektra-andromeda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e02bd7db49f120b636f5d8a86022af64e2403f9c6397fdaa301235a9bca6c2be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147661 Malicious code in sass-loader-callback-oauth-sagitta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 212c3f3b0e02fdf86f047a32b47e085f6d54d34e5a3f94920acf5f2c829da336 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140214 Malicious code in bulma-halley-gemini-less-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93ee5c5bdfa023d9e60148efa3bd49c6f1b6dc9220ac4b6a1312aa3d62533882 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-114942
Malicious code in corvus-tethys-elektra-less-loader npm...
EUVD-2025-112331
Malicious code in jabbah-loop-corvus-style-loader npm...
Malicious code in non-blocking-style-loader-grus-slidev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6981d21e3d65c60637859fde1c38681db6c5965ee98576c668ade20b35449bc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146400 Malicious code in postcss-loader-mini-css-extract-plugin-development-heka (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06bf6d7f07b3ed2d9691b5bcc6b10f80b6a8691b343b4cc3ba50758e2edf9632 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-44601 Malicious code in hercules-grus-css-loader-package (npm)
The package hercules-grus-css-loader-package was found to contain malicious code...
Malicious code in csv-readable-exosphere-style-loader (npm)
The package csv-readable-exosphere-style-loader was found to contain malicious code...
MAL-2025-25474 Malicious code in loader-8319331108 (npm)
The package loader-8319331108 was found to contain malicious code...
Malicious code in remark-commitizen-sirius-css-loader (npm)
The package remark-commitizen-sirius-css-loader was found to contain malicious code...
MAL-2025-17791 Malicious code in css-loader-google-jabbah-orbit (npm)
The package css-loader-google-jabbah-orbit was found to contain malicious code...