Lucene search
K

13 matches found

Snyk
Snyk
added 2026/05/18 9:0 p.m.7 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

9.8CVSS5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in phi-shell-old-old-pi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddbf8b98f48373b31cbb5f1e89f4a12dbe3f2261af644871c9045b89528e7622 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in saturnology-fomalhaut-geckodriver-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2caba52a6e0c88328d81e8c122e414d91225f1c1fc9d17f8a5aed4ff943da7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:47 p.m.4 views

Malicious code in manadsi-safadia-naisop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b493f74dcb9c3fdb730c73ac03c1424b7c863470f9ca8a180179a3b1ba3d54e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:47 p.m.5 views

Malicious code in tealove-darknest28 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18d8a2dc0ea2daee10e5bc5b75038e5c23e54f80a51b8461698a7735acdc57fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/12 4:47 p.m.3 views

MAL-2025-164721 Malicious code in rino-poke72 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd2dc300682fd8d018656506f416018a65c18636c06c5e03807bbb0ced33b7a6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 4:47 p.m.3 views

MAL-2025-162785 Malicious code in nokire-lokcek31 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebe654f7863b260d7b2fd03526f34e58ba42907104c36c6f3e054a48ba9431e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:29 a.m.4 views

Malicious code in postcss-loader-quito-iota-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ff2bf6dc026adfb7fcf087d65584c298b75dd1842c5baff878381350cd0ad5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/12 4:29 a.m.4 views

MAL-2025-145958 Malicious code in parcel-europa-publish-carina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4a09bc38436786092d99a19e3bf9e0d03927398fd2aeb6347409e17722db57f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 8:46 p.m.4 views

Malicious code in electric_cobra_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f95e979f1d505ae5f4b9292751bae87ce484324cffd9eb4e83a1fea8f6f68a7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 8:46 p.m.5 views

MAL-2025-125773 Malicious code in dewi-kemplang46-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65ba1e48ff3347f9ab278e42047ddd3ff545e56beccb24f9d2056ecac3b5c445 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 4:25 a.m.5 views

Malicious code in nana-soto72-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec36782ea3e1ddf198195fac7a3514c7224032dd7ba9ceb1d663ab058fbca4b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 2:29 a.m.3 views

MAL-2025-73383 Malicious code in hendra-lepet37-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d03bba21bb2a8a4c9f43bc832b3ff89218d34a50584e4cee0af0341f25cb2e67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder