83 matches found
MAL-2025-93524 Malicious code in cheerful_skink_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7817695357db0dac66662fad36580bb3e4dd6b59339c4c60fd36f3b92202fbb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-85604
Malicious code in ida-kue48-miaww npm...
MAL-2025-78641 Malicious code in hadianto-kue25-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b60a17fdf9b6e2176d50dce3489e4fcdea66b7abd2a11e793f1001d575dde07f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eka-sambel29-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 984ec74caff7adab856f15713c34095a486199a37ee4202d67a520034fed7d43 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in gita-martabak7-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8805cba177fa0a9790baeee77bcd4415c916174be6bfa1224c8c6ed61b5654d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hostile_bat_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 316980ff78d58266fc445aa223c927a13283d3f3891666ccd9260d80b345d2f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mahesa-dodol78-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e51e3d4fb18a59f19216fed2b684b4cd8864491ba7c4e562e48ac01cba3ea03 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rina-keripik13-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dac057617331afea50cf59e19efd8ed6da30e27a06daf0a1108cec55a299cbd2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-75917 Malicious code in utomo-mendoan4-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e309510414a808e2b8f425deda538c4fc0951c6c00bf1ee8ae8321034d47c90 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-51183
Malicious code in visiting-scarlet-centipede npm...
Malicious code in scientific-lime-tahr (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7664cc3f842cb70cf16b511822692be8db17bd453ed2864e4fb9520560d74796 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in victorious_chipmunk_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 208abc7fc46e160809791619d67537098d88dbbef1f9e6a2d184c2f33fffc36c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mulyono-jengkol69-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b040ebee30c54362f1d991a20ea4ee406219a1713a10d54bb9ebdae52ffe508c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-59499 Malicious code in wibowo-kue90-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 815acbe768fb6dcc21f158a3810f012b5238e4660d8e4918031406b0054f38c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-54032 Malicious code in oktafian-kacang8-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcf91ea204b1ff3fd59ad98e571397c7d33743727be13a67fb61439c5a7b86a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-50463 Malicious code in galih-rendang24-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fc46ceb9fbef801faba435bd66a4c36051dbcadb48dad3f49f43a8f3f85c87b The package galih-rendang24-sukiwir was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...
Malicious code in fs (npm)
The package fs was found to contain malicious code...
Malicious code in symbcs (npm)
The package symbcs was found to contain malicious code...
MAL-2025-27503 Malicious code in night_akr3h_os9hy_serenade (npm)
The package nightakr3hos9hyserenade was found to contain malicious code...
3dshex (>=0.1.0 <=0.5.3), 91jin (>=0.1.4 <=0.1.8) +1903 more potentially affected by CVE-2025-32379 via koa (>=0.0.1 <=2.16.0)
koa NPM version =0.0.1, =0.1.0, =0.1.4, =1.0.0, =1.0.0, =0.1.0, =0.0.4, =3.10.1, =3.7.0, =0.0.1, =0.2.9, =4.25.19-patch.1, =4.25.19-patch.3 - @ant-design-vue/tools =1.0.1 and more Source cves: CVE-2025-32379 Source advisory: OSV:GHSA-X2RG-Q646-7M2V...