MAL-2026-4967 Malicious code in @cloudplatform-single-spa/security-groups (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

Malicious code in commitizen-style-loader-ursa-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55d2ebc38705a078126552608b320280b5a60874c5f00b2dc23be6eef2c6a79e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in udin-jus48-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24d77d15905ce075e5976095494ef0932a370afb3729a7c7eb05aff41f2cef75 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in scornful_duck_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0e20890f97ee0a4a48cbeb09e033b2f0445aa3c00186b5bd87352c84b9de7d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...