14693 matches found
Malicious code in k8s-node-health (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9358111fecbdb3180b8f4c0c6543abff3024c59deaf488cf3a34089820e96172 During import, the code download and starts remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Malicious code in quantum-computing-less-loader-mensa-css-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eefb4c011996c06f58eda7e1840993e823cf3eddca4bdc92a366643fbc9da57c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in singularity-kuiperbelt-loopback-fermiparadox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1afa76f7fe37851e702aa99f703e08b3365b03f94bca78843a30a75678da27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in beta-error-rho-authenticate-tree (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30cc2769230687e6e7eada5a89a33afaecb48c332be1d59dc5e4f2b0ba46f3f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in pi-authenticate-cold-encrypt-alert (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66ac2ec191304f45d1b827faa2c4ebc3b52fd5f3ba53ea48a1c5a28dafeae6e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in load-fire-balance-try-old (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ed8bd45f714ed76dc28e104d80484f6275477e646f6d793386b90377bb12749 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cressida-indus-epimetheus-borealis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86889f7ce22f369521ce2fceeef29b4481464a118b534f7a620ce86b6d283dfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in slidev-parallax-epimetheus-redis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9648e5930b748de1f16364db1c8526b6da10543ce9ccd1179eef4cf83479a823 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cordelia-babel-on-proxima (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 991867c5b89cb50239cb4c2cf768a904fa2112cce0f729488b115918476c467a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in graviton-hapi-less-loader-electron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bb8fb65ea2c82a7ebd036fb556fb70c2c9cb967106c4ea3b82b1936b540d8b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in extremophile-fornax-quasar-carpo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d88a6750f997b6922c6e43621f0149719c6dd1780dcde55c9fa55d9aeb2e800 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in xo-morgan-css-loader-prompts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df18935c38976d8952bf589369f1a0e87fbdb16e09e484594e5e302fd8d55ee6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in runtime-stack-awk-visualize-monitor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29f5a4b7134730bc0468b4baf98a46892732f059846e6f73260ec464ed7e041f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in loglevel-hyperion-bootstrap-mysql (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3637624f4dc1c51c25b26e76227b5d808fd156ab28fec3f880fab3b549f18a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in andromeda-webpack-nodejs-sadr (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1d388bde9d4e260b9a344967865578a95635996ada4aee337f32116385eb627 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...