5 matches found
MAL-2025-106936 Malicious code in passive_hedgehog_0xrequest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e9f2288b963cd0770fbe6c0aecb013e3f7224ba6ab9d9143768f4973666d76 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in naut11 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 809d2d5f9fca56b60d196e6b1e05df17f7786a48f4e09465da77ad3444271a6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious Package
Overview acts-ascommentablewithreplies is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid usi...
Malicious Package
Overview fluentplugin-stats is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview audiobankclient is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...