44 matches found
Malicious code in corresponding_orca_0xrequest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a47907447e9562ed833b0ef25e5bc9df734fd6220dcea8418d496217aaf7aa80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in yanti-ubi57-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87bbacbef08999c0e5a5b9dfd11921d454e3e255b6340d2be67e2d3dd4611c29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-94104 Malicious code in doubtful_lynx_requirement (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2803fe703956a45365f5fc8af19148a04c9c2e445d4d5f17615b366100980f32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-85237 Malicious code in erwin-semur75-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf87a28f467a5719702dab7f275eccacb86ee0bb9da21f1b8db5f9cfc49a04a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cindy-lepet14-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0eaf5bc711cfff7ae63abe6f1d78343689178b2e8fe3f34362f3dff5873c6267 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-77284 Malicious code in cindy-kentang25-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40f1259c47a5d9ce678701b2dd3bcade2a6cee99fd236f7e24735a689e75e3e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in immense-brown-elk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90d0bfeba4125eb4c3e9e3ebd23385bc527e264cde1bc42a0b95447f427300bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in spontaneous-black-galliform (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e54e25dbdeb337e2d94d8708d59bb7b6778c66e442d0016b47019e6b512d174b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-69078 Malicious code in leading-ivory-mule (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6359b27a77f0f5dc72400780849de8ac12fd5dc192594677d30526f50469153 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-70720 Malicious code in sore-crimson-capybara (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3de034b20a6e5ba4a2c6e29bec9c51e42f5440f1b0870ff24a93a60fdab7e8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-66869 Malicious code in atomic-scarlet-bug (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f74b15ad2ec416cd71e77d02094929a9f12b4c3f5043985d4534327b63530dc0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-63553 Malicious code in irma-nasipecel39-sumpek (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 789be9036800b743a994c61970e1fe3b6f6aab764c034c05081d7a9d84ca2922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in feminist_salamander_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 648bf8a1c1f1e2968d856890bf23d0710adcbdcdeb752f2ad9a6b01c6bcad6bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-54995 Malicious code in surya-nasiuduk14-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f014e33e4e274fc7972a8cc00a851222238ac98295739db96208217cef888bcf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bambang-klentik11-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29ae7d2e4d3c463b671641e17823d38ae616f35892de2a72f65bc45f119d8f2a The package bambang-klentik11-miaww was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...
MAL-2025-50453 Malicious code in galih-ketan24-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 543310dd37e6af461e3584ca0c6e52e50584cb2b71e206a0aa42aad3f5d9c804 The package galih-ketan24-miaww was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that floode...
Malicious code in @zalastax/nolb-googlel (npm)
The package @zalastax/nolb-googlel was found to contain malicious code...
MAL-2025-3022 Malicious code in pocketnet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73c905c72824fcd244dfaaa2732a81deabf6f59b88d5c95e9d513fd1dd8f5a22 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-557 Malicious code in meli-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 323ab06bc2e65542017ab341bb31cbb5163ad6ed63cf9259878b1a7c2c9fc000 The OpenSSF Package Analysis project identified 'meli-logger' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...
MAL-2025-434 Malicious code in dropbox-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 14813fcc0aa3e31ac37a8fe31ff8f6d050bebc01d1fcc73ffdd6507d209344a0 The OpenSSF Package Analysis project identified 'dropbox-service' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...