621 matches found
Malicious code in qa-handoff (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4939e56124668b7d03f9e2a96dfbfedba53e24aaa5d2190e298547e724b1f851 On npm install, the package automatically executes lib/setup.js via the postinstall lifecycle hook. The script spawns a detached Node process that...
Malicious code in standalone-apps (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22e6c4c826820874f1cb33ef8066313b4714652d4e70a69a343595a62f57e038 The package standalone-apps was found to contain malicious code. Source: ghsa-malware 16f035cde2e3e7ff7907dcbc9f16e05fca1c373ea51adbd2d5a2b484532ec88...
Malicious code in @relyt/mcp-server-relytone (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2613b007d67d58acec7030d26a33c30562848bf77fb10a5e9194afbe95258426 The package @relyt/mcp-server-relytone was found to contain malicious code. Source: ghsa-malware...
MAL-2025-185727 Malicious code in backend-exec-husky-public (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 776fbd4098371f588d6cdfc712e363d560bdca553c92067e6828598d2381a7ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187292 Malicious code in hawkingradiation-flare-hydrogeology-quito (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6711499c3b50b9dadad3bd102d577f6ea2d023d26006d020d36b03b830898417 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187218 Malicious code in gravity-taurus-superflare-version (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91698d43b1bf58166cfea0197f507fd9230c66eccc5a874a0d9a0c15151bffb7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187007 Malicious code in fomalhaut-restart-loglevel-forever (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2249aa4fd99b1a153ecd1845d37c0b92b17c3447a01493b2f5ef0609f04c1196 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cluster-magnetar-leda-scorpius (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efac9c5584d5f9d128d2ef5be924c45f05b9f99c926ec52dd6d63c49abc7e2b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185355 Malicious code in abiogenesis-cli-tachyon-miranda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3731d79580a9a1a452610b6a842f4635104e983316a54b1cf97ef46f6b025b4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186546 Malicious code in deneb-iota-xenos-celeste (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5941dde5e83d9b49e44d62dcbb8338de71a05426727f9aa5813f9c325464ff78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in catch-bash-mu-daemon-slow (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31096c13f4aea6a88a542856fb5bca32be9585f83bbf33f7d5e4134637ecdbca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eigenstate-electron-builder-despina-bionics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 856bb07252bfaa1fdcf360cabcdabbb8244d7be52299c195e584d92372aa55a6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nightmare-semantic-ui-init-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dd9e5c43cd91768bb1e1d176eba1c1544754be3fbe8355a892cc84adb8667e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in wezen-paleoanthropology-betelgeuse-asthenosphere (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96cd5dd57c26dcfb171d2cac13929816f5c301752a421417e4591099fc8d6eb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190239 Malicious code in water-balance-serialize-omicron-deploy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10b645228c86dd124d31b5de28c55a401743d95fcfde72307326120b67d14f46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189856 Malicious code in telesto-publish-oberon-charon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de6837a499af3bd764db78016d59ed3b3b1fe3f57a03f81847910a466b622002 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in zephyr-yakutsk-update-fornax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4056139ea2e6931e54f1dbb6be8565d9c94ad19a8e4cc44520c8df7a00ac25f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188910 Malicious code in proxima-dagda-tethys-vuepress (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ea648e943b2437d64d35c4b74d17399f38b90f0f2dfd6e329fc14d4bd66bfd5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187387 Malicious code in hugo-plutology-comet-cluster (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efae6173e3dbad8733385d1fb7c202c31c5a07b0f351bc94b93fb683565134e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189784 Malicious code in sync-decoherence-xanthus-express (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 302cb9295281a82475b3d087e5c9d61e6f97dff44cc081a850b4044c5e0991c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...