64 matches found
MAL-2026-5900 Malicious code in chai-as-decrypted (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ed93b06c95c42e3183b89e5fb1d9dea3f711bb20d766861c8d16b8d17f17cc9 Package name chai-as-decrypted mimics the popular chai-as-promised, and the README impersonates pino uses pino's npm badges and links to...
Malicious code in chai-as-tuned (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7e00f81e117716cfd7fd3565cf8b04073cd494a6da2c23749669133806a7473 Package name chai-as-tuned impersonates chai-as-promised and ships a README copy-pasted from the unrelated pino project npm/CI badges point at...
Malicious code in @qwedqwed/axios (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65cc6ad7f5d72e7e50a4493915cc5b8ce23b39b6f25ca5515228be44695016ca Package @qwedqwed/axios is published under a scope that does not belong to the real axios maintainers but copies axios's README, source, homepage...
Malicious code in @antv/chart-node-g6 (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
Malicious code in @antv/g2-extension-ava (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
MAL-2026-3650 Malicious code in microsoft-applicationinsights-common (npm)
Two malicious npm packages published by the micresoft account typosquatting "microsoft" are part of a coordinated supply chain attack sharing identical infrastructure with packages published by the superbase account. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at...
MAL-2025-184092 Malicious code in mlokok-lfki-hakumajiausubi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7acca2e524d32626d2fc84ea7b162a842d20f4683996132407e7a05c6e59af6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in baso89 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08531dd6386f4b370db1bfa2bbb50da4539c83cb1d4d2686b7a729bbc4109195 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-176883 Malicious code in nuragi-sutafia-dagiug (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2b8f6d968dcfa45e30a31c086fd25798f3a57123f840bcdc4681c74195dfa8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-178312 Malicious code in riya-31 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d81629a108c1c22751904c02fdca540020590588011d855c481b9775f8a2895 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-176999 Malicious code in nuuur-zidan-tea (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05673a8df673bb19d5454826b918db1b16efc542fa2caaf8a45162219406c63d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in teagood-manaki73 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c73abe2677c0f4a34d74b7d78caad46b26bcdeec6d8394a17280a177453a8383 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rino-poke8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfe19b42dee89c876b8d299f6694aafda05151f80e1f085389221e508f1aadfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in slamet-poke12 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cd7fb75efbc637f36190ff59be2616a744c68e52c116f2ee378ec29fbcfa0aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in avminah-fagis-figa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90cc9c731ede30beb59dc483904da696a9674e1ced0435e89f1622d0a2eeb2b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rino-poke22 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8c4ef79819928acbc765b0e013e77727aa5ef1319bda94a1174eeb34774885b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in polymeria-nuyiagtso (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d709c4d157bb883e2349a64e5be6b5c93de8bd2dcfa85c83c2f2c5ab08cc889 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-153133 Malicious code in avminah-fagimas-ofisugooagafag (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb81634debd98ee5ccb53dd1c8dc99f43a93e4dc3744255f5631b0e355bc8d02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-166233 Malicious code in suharta-poke99 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adf5349c3617cb10b65df1d736d4d2c5cc5865c2241ff9fbef0404baa28dfdcb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164975 Malicious code in rita-98 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9508b9a417471b3af8ded6f50a1f7e97c2d9ca74d1b7234a0421a7c1f8b22fed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...