1151 matches found
MAL-2025-147965 Malicious code in sirius-parcel-electron-builder-rate-limiter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d82865d2c4c118814f34f9e55544cc147c81d7874040ad365913faf99ebac58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143196 Malicious code in hapi-prompts-markdown-pdf-csrf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70611763ec0820cf06f80352089a3d6edd38c7a1491891daf9f0bd9f35c623fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-149399 Malicious code in webpack-init-uninstall-rimraf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a6471c91382e04439bad5add4efea64590c4612d7a34a262d27a4609557ada3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142205 Malicious code in eslint-config-postcss-loader-ignite-webdriver-mocha (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4204c7bdbd78af14a75aad5eb09da611126c238cf10af0e8fcabcd3667cc3cc1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145086 Malicious code in mocha-levels-buffer-css-minimizer-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 890c0cae9df9cd10d926ab284ed252cf1cc4bdfdceba6c2355a481aae5936c37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lint-staged-library-fork-perseus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 599e178fbd7b06563cee8ffa42611bd250dbf206a67592c620ac211ef0d23d4b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fomalhaut-phoebe-mocha-miranda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f0c65dc66483e97c54b8468b7f9233fd0f70b6e6e03353e421697a43a22ca46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in epimetheus-enceladus-commitlint-antares (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b5b92625cee23fb6202ced8f506a7afb92981746127a2cbdd7cb2004310ad60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144714 Malicious code in markdown-prompts-pegasus-sirius (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dda1fab30f9cdb224c6c52023b756f44b91b0d21d4e6f6436b9b8fe36f7b7a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145016 Malicious code in mira-polaris-forever-pino (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9839ca6c0ed2a3abb6097d7ab67e407b1aa3ab53b40751672e7c85aeabc8394a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140303 Malicious code in callback-package-apollo-chariklo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 629e16768c84e6856bf6028a33cbfb8789a89d5023aad21cb7224dddd26e1eb1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145257 Malicious code in mysql-optimize-css-assets-webpack-plugin-castor-css-minimizer-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 550ccf08e3abaf7c172df12d438802d720d26d8c19209ea20c654059b77bd0d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in phoebe-webdriver-mocha-dotenv-safe-nebula (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4741cab512695c1c5578f08e6536747101c2e0fff2151fbfe86c9ec962f7f78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in charon-lint-envconfig-firebase (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac6900600a2f703e91fffd3e91cbfe8399ad28bfb5056b5c9925357edbde21f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-112854
Malicious code in helmet-native-quito-capella npm...
Malicious code in html-webpack-plugin-hercules-aldebaran-electron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fed239abd75124c4ab5323674a97933b59c4e293809eabac3b6a9e8f340b019 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cz-conventional-changelog-transform-kinetic-slidev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ac90554ba04c26db8c766211102ee31b9b49ce27e14ea6f2e29a5a1bb870369 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bulma-mutation-server-ariel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e33c9fe09bdabfbe33847cdc28274813f327e3a1bbc8730cd30684270260cedc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143785 Malicious code in jabbah-nuxtjs-spica-loopback (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14c6404a455bb29d3f9893290050e6e8982e6a5dbc7c9429a4f25827345da287 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143735 Malicious code in iota-node-config-nconf-zenith (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 776028f8550df0eb3f0612e558293396e665b35add8f207b7c3b8636a9fe1b6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...