10 matches found
Malicious code in release-it-juno-cypress-ganymede (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55d18c480ca87915de8b545c8543b1908769b9d71711027a718c1af31ffaa6ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rindaman-poke36 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3cc400a1ab4865e023cbe8e56c3d0e291b3c41c00314ca104781f7a90313a7e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-157131 Malicious code in jurss-a1rea-as (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dd07db606223407df84b520328abf15563c909bf949d831d573b526c91a32e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-135468 Malicious code in maman-pecel67-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67edbb42548375e20f04504c3104a0b149ff8e822178df96f6b1153095e9d9eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-137801 Malicious code in vida-tempe52-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 475394238a040702da1ef1c899c4ee3ae110cff86a579a1b80a37fd471fd2163 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-124218 Malicious code in wawan-gorengan21-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c93aed90e90becb0e8d93c5165065271c3520c947ae946dbcb796812433922bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eko-rendang95-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4f43d9c2718e65663d25c2c078518717b296a0dda5e9e0d5c6b9e90ce56a2bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in heavy_bobolink_dumbs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0dbe85c01db4fddecfc3f63b96e127fd70abe4f6951f47ee4c68d0796e0c7b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-63617 Malicious code in jaja-esdoger7-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 557a882d069bf5ed48771b9a9fc6ec58d8b37142dac62993c5693f7c18fd1115 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in vmcv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx c11bbc18eed90a16c9f97af431f82f876a541a8d4087d436495e6a195f4c4ee1 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...