2 matches found
MAL-2025-90746 Malicious code in statutory_hummingbird_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad60a3fc7104d1c995fede0123974d01e4b7de4c817756c0ff977295c9fe3eac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in esqrandominfo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9a6685808f2c046c5baecdece592eda602ca8a35bb5b64599b684c917e02d5ea EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...