Lucene search
K

646 matches found

OSV
OSV
added 2026/06/05 12:53 a.m.13 views

MAL-2026-5213 Malicious code in autotel-audit (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSV
OSV
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5227 Malicious code in autotel-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24b4c58f169d6aade68f71b2c8fef07e94a87e4a5355f6fcd6ca9962c354d0c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.14 views

MAL-2026-5228 Malicious code in autotel-plugins (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96eb4c86a5765c2e51dfe25f9280eb116088dd6addbf1289f2d0f6b8af236bb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/05/11 9:0 p.m.10 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in tool-tailwindcss-cosmology-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 024cbd055f4aa386cbd24118ce725f651db3fc425f37acf6453c7e535d8d1d1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in miranda-postcss-blitz-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea79ab04fc3a6ac4cbf5514fff31c3ed5fba441933ff5d9a861ea695d6fed4eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in rocket-polaris-prettier-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b22e15bc048395a61f688ffa84069166c241328128e1fb0ab74bb9951a999d64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-189615 Malicious code in spectron-webdriver-commitlint-apollo-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2f9393dc8a7a4eaa19f6f45d6cfee1f7b390f6d38c9d5c9e9a13032f53e195c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in janus-avior-superagent-ichnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76d7e0f0d70899116b4fc6cea226c83b8d9abec5c181fad0840d0e4d2aad1cf2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in lint-antares-luna-nashira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b0795e430f9e9aba719b3b6a20ccc0a64f2fccd57f1f4a9b17108037f6fd87d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.2 views

Malicious code in vuepress-process-sagitta-postgres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc981347aa1ce9ba4a3d5d67b8fc8e0149124ab031da8c5695ae9fd361a5743f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in borealis-promise-spinner-ora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68c7357be2aa15b46b85c919af1456a68d791ec27c6ed54c2d089fda32b2e8e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in astroinformatics-ethology-venus-slidev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 226e9d3d2ba28c131f256e2a26ec85fb9afec9418f57e00d7ec0b300e0e98206 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in await-supercluster-prosthetics-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1842ca75811b8fd24abb3a9ba059135d9f54a7ad3dc352315b58c3ff798aa88d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in terser-webpack-plugin-delphinus-membrane-cryovolcano (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83f1fbd056f464401107ffa949a75c56dc9110b1b201fa564b844e813212402a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-186024 Malicious code in castor-magellan-halley-equinox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f91c2d58b576b6b398598b006ff7330ccf27b074f3ba12ea2377ed20fee56b1f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in taurus-bootes-jekyll-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 143f6c7625fbfb9a7c5a98d8a3fc9b941d370f32ba8cb403bd8ca68227b26de6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in proteomics-supernova-subduction-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcc3669407f31f9abb8cfe0cb205c8684e375a293f5e45b6db130c04b4ee1a0c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in testcafe-postcss-europa-atlas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0c0b587b82115b84377ead8bc9a56089abcc5377b44746e483ed6e69e89ec63 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in rollup-neptune-webdriver-manager-eslint-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9641ae1a94bc9e9e2736447da0d80427ac96de8cf3e3560ab39d02c7194a3db1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder