Lucene search
K

646 matches found

OSV
OSV
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5227 Malicious code in autotel-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24b4c58f169d6aade68f71b2c8fef07e94a87e4a5355f6fcd6ca9962c354d0c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.14 views

MAL-2026-5228 Malicious code in autotel-plugins (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96eb4c86a5765c2e51dfe25f9280eb116088dd6addbf1289f2d0f6b8af236bb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.13 views

MAL-2026-5213 Malicious code in autotel-audit (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.11 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in tool-tailwindcss-cosmology-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 024cbd055f4aa386cbd24118ce725f651db3fc425f37acf6453c7e535d8d1d1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in miranda-postcss-blitz-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea79ab04fc3a6ac4cbf5514fff31c3ed5fba441933ff5d9a861ea695d6fed4eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in sagitta-polaris-configstore-commitlint-config-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8a105ecd8ce1e73138202d04dda63b4869c363dc694a29aa66527412831360b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in janus-avior-superagent-ichnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76d7e0f0d70899116b4fc6cea226c83b8d9abec5c181fad0840d0e4d2aad1cf2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in lint-antares-luna-nashira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b0795e430f9e9aba719b3b6a20ccc0a64f2fccd57f1f4a9b17108037f6fd87d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-188058 Malicious code in mira-fusion-yildun-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6df0ea3944c62f78d72d9a701c0e41295455162fe1dc8975371c9456810d08b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-187082 Malicious code in gacrux-farout-publish-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 452c960aa8905735a4d5f1b36b9b11902ec192984de6bf397eedb20365903d7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.5 views

MAL-2025-189913 Malicious code in thermosphere-node-sass-farout-seismology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector afedec7a9c064479a8e2564724676591ba3d6387ea85cae80291cab11358ca4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-186870 Malicious code in europa-lynx-janus-repository (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6ce887dbc94c1be94b6425244b58969751b2008b1b2db5b16d73c4f5eba3420 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-185587 Malicious code in astro-photon-publish-blazar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfb6468812cdca3cbb6f3ebfbf8ac1b3a003fa7818d9ca76518f64c943efdf09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.5 views

MAL-2025-185454 Malicious code in analyze-signal-bundle-query-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e9ac109472152832caa800b02a3b34b918e75736ec1e24c065add9391558992 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-189586 Malicious code in solarnebula-parcel-biohacking-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50ed3cebc11406d149f99f7b8fed1fc90bbf3c960903007d1a3ee0dc48bedae1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-189615 Malicious code in spectron-webdriver-commitlint-apollo-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2f9393dc8a7a4eaa19f6f45d6cfee1f7b390f6d38c9d5c9e9a13032f53e195c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-188132 Malicious code in mu-kernel-phi-transpile-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f82eca8c24515f3f57b6ab4d894be6fb0ac396fed83700b9e8795624a47e9f01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.5 views

MAL-2025-188169 Malicious code in nanotechnology-seismology-dotenv-parse-variables-darkenergy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7281d4ea4b4a674c44eb06ed7bbace36a580718444923d80db828d3aabbb64b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in borealis-promise-spinner-ora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68c7357be2aa15b46b85c919af1456a68d791ec27c6ed54c2d089fda32b2e8e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder