Lucene search
+L

10 matches found

ossf
ossf
added 2025/11/11 10:56 p.m.4 views

Malicious code in rigid_swordfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c84c037c3f89383cf4e074d21a1a3a158223b46a7061fc7b9b6f5c03df32d0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
osv
osv
added 2025/11/11 3:19 p.m.4 views

MAL-2025-112684 Malicious code in anonymous_dingo_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6fc205ffe0192b0ca346bb41578f99dbf16c62c8bac90b46dbd5595f884b9f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/11 3:19 p.m.2 views

MAL-2025-113240 Malicious code in crowded_cat_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0feefd38f929582bc09430f3257321ff9a57440671a7041a84c9e74446d30742 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
euvd
euvd
added 2025/11/11 7:31 a.m.1 views

EUVD-2025-78582

Malicious code in pregnantdogz3n npm...

6.6AI score
Exploits0
ossf
ossf
added 2025/11/11 7:31 a.m.5 views

Malicious code in outdoor_urial_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66e095cb99e0fab1ff5b672c94a590260244e34d0dd08cd5f206324e2d93a7ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/11 7:26 a.m.8 views

Malicious code in broad_warbler_dumbs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b8dafab7ac587d14c0bded87f0ae8c5b54c874875a00957a068b0e826fd957c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
osv
osv
added 2025/11/11 5:18 a.m.2 views

MAL-2025-95822 Malicious code in overwhelming_buzzard_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 642cb9d135ad1b222db0fe628fb59c5590fdec6f4018baaba1c764e3737ed165 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
snyk
snyk
added 2025/08/14 3:31 p.m.0 views

Malicious Package

Overview cafebasicsduo is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for...

8.6CVSS6.9AI score
Exploits0References3
osv
osv
added 2024/07/26 4:53 p.m.5 views

MAL-2024-12352 Malicious code in stationschedule (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1fb915cfc661cf3db3f6022ea50272f12924e983b9791743ef639129cbc82d50 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
snyk
snyk
added 2020/04/17 12:0 a.m.0 views

Malicious Package

Overview apressmoysklad is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using apressmoyskl...

8CVSS5.5AI score
Exploits0References2
Rows per page
Query Builder