15 matches found
MAL-2025-185365 Malicious code in abstract-decrypt-async-public-phi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51b85be1c1821e69911d086ceb1086440095d3c75414a4be0d017c6474f0df12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186490 Malicious code in data-grep-string-transpile-link (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0baec754b0baf24fb249ba7fbb7cc8b4653d63b04595b2df0119337a6b7e57b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-138244
Malicious code in avangs-olimois-nolianu npm...
MAL-2025-175623 Malicious code in ksai-kil-kokaiali (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 515244ae2725a89485ea8e47908e14b7e47985c436a4713b26f81c43037e565e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in avminah-fagias-fimokafiguaogi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d25fbb53367aea05f945c8362690a8f76afb532084037cd047c21b1da13d0de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-116925 Malicious code in rudi-semur2-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a462b1a40576e30f5cd5dd757699fc1a4b8de1ac47faf8ce9cb42d7e0b04c83 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-108603 Malicious code in shallow_scallop-biggestdev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f1690c74103c8e8ecc73348ee3523365d1ed3cc930d2dcd4d217351ea23e905 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in premier_lynx_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a8fef18aed2f9ff98d0ac32b4f62f39c438000eef09a64ec2af52581ad6256d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-101189 Malicious code in daily_roundworm_0xrequest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffe14a068c17f86a4364016cc21a8f37116b310aa58756f4a9030f8f48e81fd9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in significant_hornet_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7242218c8aa62727e779c29c54bbdb6325722766cbb2ea0b5d26ec939cf8b4ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-86325 Malicious code in hanafi-oncom14-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6f7663b88592aedf85388723186634a8202b19410747dc45213c35f9cdedbb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in zain-brongkos73-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdc2b051bd4399b3ab0656c54726d38d9436a7b84d8ccd939bd3658b90892e8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-54906 Malicious code in siska-getuk55-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 471ea9d330f70d3a6d2010c25c94648e6cd29805f32af2ef5e2214f8cc85a5af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kurniawan-oblok34-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86f764b2fe4bf58c80a46f312cc3cea9818bedaab2d5c8a22b1c283e879be20e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in 3a-spawn (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx bbd096556ffc90070942d3750f4d790cad77115f15c0e3b8aec5d6788bc817d8 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...