4581 matches found
GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections
Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating government services. The activity, observed since October 2024, involves distributing...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Exploit for Improper Authentication in Oracle Concurrent_Processing
CVE-2025-61882 & CVE-2025-61884 EDIT: Oracle just disclose...
Malicious code in sirius-nuxtjs-genomics-hydrogeology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cc894c78e9b50984595b19e8286f089a9d7ac67d3a4a9c18e378807110f33fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190399 Malicious code in xml-proxima-rest-process (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a1102d2c7aae26b1696c4937b33f1603f7e0cb43277d6af00d48ae46b44ba92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in capella-proxima-geomorphology-sirius (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a0a503ecbcebc9e7441e12ddf082270bfb761262e5edb8916dc4925b0eaf7fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in reveal-md-neptune-run-script-ignite (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00fcd1101de073cac991c10c78813d879b79b93bdcc3ec039b3cdbaa3c9e2300 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in load-protected-file-index-analyze (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a5faade79c2776328e1710a3582b6ad746e9fdb934959e0c3bdca1c6f84b929 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in optimize-css-assets-webpack-plugin-polaris-docusaurus-andromeda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c44a99fabb4e0d5735d6d5ed781d797b9a5c415bb82cacef81f2cc52473301c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186537 Malicious code in dendrochronology-colors-cosmos-run-script (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5c58b497bfa810639e7f04a95d1dfdce0066084759d6a3d71419afa81f4dd6c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189262 Malicious code in rocket-package-sass-loader-avior (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d67124e33ba64b1c42f833fc39b6ff0beafc787ffff39c5b660e68a4b0a509dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187235 Malicious code in gridsome-interstellarmedium-private-meteor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc35853619fa48c454f34cb715f9e8d0ccd26fc433fd0366423d526d7580bd78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186020 Malicious code in castor-callisto-miranda-quasar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 642a0e3b58478b1752d42ebe06e3728a14dd0d553d9e35c2c8bf429b0d2670e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190453 Malicious code in zenobia-nightwatch-rigel-javascript (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7808ebb551c621154690455d041307a57992b39f029c79ff41c3100a0a06b108 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189349 Malicious code in sanitize-new-link-code-void (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ea502fe1787665ba66414467f0d22ea7bd53a05d1a42ad35bb8974b5d525531 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187732 Malicious code in leda-gemini-saturnology-jovian (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6f5b569b71df46bf686285180ffd3ef0e011173804742d78524bd68db8bc38c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188645 Malicious code in perturbation-thuban-neuromorphic-dynamo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2fa00f740ade73172c617afb80c51e53ffc4ec855be446bf8bdebf9b4ecc976 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186288 Malicious code in configstore-quark-sync-callback (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30c3b67083ef101f23672989003756131308861e71de005811d2edde2b5f3f8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185582 Malicious code in asthenosphere-dotenv-darkmatter-chromedriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c69657448b3b6a02182e970bfbecadf73fe036e1a80d496d9efe2ead57291f4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186518 Malicious code in deimos-phoenix-impulse-standard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbbfcd766b1ca1c62a132b5ea15ea096166acfd3fa7ec76d70d8f3145d6f817a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...