Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/25 6:8 p.m.10 views

Malicious code in @service-suppliers/set_selected_supplier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eba319282947a6dfb83a31cec6127e62594cc16160bd9c74cee3feee349c4b07 The postinstall hook in scripts/postinstall.js performs two independently-blocking actions on every npm install. First, it scrapes installer-side...

6AI score
Exploits0References2
OSV
OSVadded 2025/11/12 8:46 p.m.3 views

MAL-2025-180597 Malicious code in teate-thy-sonic-kete (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d7bebdc58e7aa6c0e617bcea75dd79de5b58d97be2fcbe7c61865dcbec62023 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSVadded 2025/11/12 4:47 p.m.2 views

MAL-2025-164430 Malicious code in polymedr-mindatas-burfan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd7340f0109feeee70dae28e2c551be35ea83880e3d85cd49bde444998602565 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSVadded 2025/11/12 4:29 a.m.2 views

MAL-2025-139442 Malicious code in antares-supervisor-kinetic-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec376c7374c21bc6c2e7e7526708b9be627909142b8b6f8a4880b647e44265df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSVadded 2025/11/12 4:29 a.m.2 views

MAL-2025-147090 Malicious code in readable-pulsar-umbra-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6a37db6acf1eeb86d61cb6ee3336ecdd064509d9376e2b98857ad59d03c55d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSVadded 2025/11/11 7:44 a.m.1 views

MAL-2025-102436 Malicious code in extraordinary_canid-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 126662e4fbc20e6e6e92cad1c717eb276b6d5951b8c7ea0f8587f42d1a1cb3af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder