67 matches found
MAL-2025-149085 Malicious code in vega-callisto-apex-cygnus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbed3cfe68e3a74b472ac88faa9c8d2bf8dd3dd2614d6a118bed34e17c7d1c06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148300 Malicious code in stop-package-phenomic-cz-conventional-changelog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dc099d38b27f19ea7c371913a1c7be9ca31b14fcc5d5c992ed20417fdc8eea1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tethys-non-blocking-hexo-spinner (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d885f6678a047d144fa23ca12189e3691db1ed724e104927120acef8a43c47e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tasty_ostrich_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aba02bcf6bc040b83ba7e5e10df0a1bf19605012adf3ca501bb8edb7401b82ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in curved-orange-thrush (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39ef8856f41d66e8d2bfd6b417060f717f920ce163201c6db6b71acdd9ab6f04 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in vina-jengkol100-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9944d83181f779b5d6174c3b8e4ef1444fe1ff49680f177d7f2f2d4ae48e45d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bayu-nasipecel91-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6794044ec5f4a4ad7e81642d07f21daa6cd6a1709c578cacbb9ca8db10ce35a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-137276 Malicious code in tiara-esdoger58-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0488b2ada9b59a7fc32cacfdae506aa235dc3133da5596962119a257e4baf131 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-131323 Malicious code in wibowo-kolak96-wekto (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5412843cbfdd3ca0ea343c13155e44c0b8c04eefb2fea072d6bac9a360a04a37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in selected_hookworm_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2477c2aad954e996a3e2d15943b44cef8df82db75bbc3ac78fc713d834d5b474 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-129159 Malicious code in okta-kue57-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d5377e63f6e5f8d1acd21b09122fd51b2e7410f2ba6ce77ccb575c6e18a9d63 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-119748 Malicious code in erick-bakwan68-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dec2b23d4e2ed439eb5f20ff82fef7f891e085e2cdd4ff8f5c4f7a941916ea66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hanafi-gaplek81-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab5724390ca8cbc19a75cc464d78da16a2322adb250bb083bc9648f1be3e285f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rina-lengko66-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a58aefdd0e727cb33856638b50bfbf6a5cd024b6fc5a7dccc45a456473dd63c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-88871
Malicious code in separateflyz3n npm...
Malicious code in different_sheep_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a723c09b71258bb63a911121cb2c000c171978e2bd5cc3be8ea5c48ef872900 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in future_grouse_rose-37 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3ab72e665999aaad9a32ec34444c80cc4015cce19563d92d01bf1dcb96fd823 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-111787 Malicious code in dark_quail_apricot-38 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0309e6febce7225fd52559c5db9311a3f2e381127af9b7d036dc9a8a4cb4607 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in xaver-mangut12-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f06c3ad73230c00cb2d48240d68a67b78b27a003617463f27d97eeb4d43f094 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in frightened_octopus_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b91d4083fae9ef0688a7b954097d7280475fa54db76bbf2144d10e18995ec725 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...