906 matches found
MAL-2026-4347 Malicious code in @devcarron/clob (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Malicious code in dog-process-file-file-moon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4e1459e69ec028b22bba506edaaede14ac3a45a1b48d29ce754a8be9f0a3522 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in encrypt-meta-authenticate-log-string (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7b652ac77988fd5095d31173051f104a9282bb6428032f99261ebbee04f6289 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in iota-centaurus-blackhole-cosmicray (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe9edd2d1e8b436561ebe0f717ae927f48886e57234216c51efa7ee60e1199be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in prompts-jasmine-wolf-duplex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c4950e6676dcd08c2d832364db96e59567d89ab3b4af075fb7f3fc3b563b84a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cladistics-crust-blitz-delphinus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c316f4e58246fa52759b2c006660c1ca9ee997f2706fb365c7d763fa3baf2b7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190062 Malicious code in unuk-cryonics-gravitationalwave-meteor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 225c6f028045f33fc48c67590d46948179140d8d81db33b12d629102859783b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186280 Malicious code in config-regulus-auth-ophiuchus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602504708c1fa23065534bfce58fb93eb8c0713426b28a6b5331ac55f1425922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187994 Malicious code in mesosphere-private-farout-boson (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 982be16bee3a131de3f0ee0733c342b0c9531bb8820ee69c8d9cee3509fc71fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mock-parse-earth-export-hot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f34794b0828e1a200e5572cca5b219a30310bc6f4495e2634c3ddd92840c50ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in miranda-biotechnology-xanadu-halley (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 252ea35406402f4bad38396317c238088ec6afcbe8e5aa922bda36ae0b271afd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in command-leda-fetch-delphinus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5feb6e2ef6c9afe8aa0d51f1a5b382e86c7f05202802ce99f9d5296a1ce376d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in archaeogenetics-astrochemistry-quark-chakra-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9101bb249512831ae69aebab145195c2c777abc6fba8d572f58c08df4437898b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in local-kaus-wolf-local (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a07177608ea4cda7a96b7407c262d50c29c3b1cfc21b7e19c5d347ce377dd175 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in repository-reveal-md-multiverse-quasar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de52f7052500891977e9b92278627f7cabde231989ddf59ee96489c8f19bf65a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in baryon-antares-leda-cosmicsilence (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf008fa0c59cf2a2efbee43d63306487f972657743488c6054ff09cbe33d202b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189161 Malicious code in release-it-apollo-norma-vuepress (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21720d221c3af640d8dc3cbd4404fd10878947a67b82f019946f024f4ca1bd45 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186906 Malicious code in exoplanet-string-bulma-tardigrade (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3db6d30965032b31e8676816820d7bbeb491cca49937b3702c7436d896a3b8df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185839 Malicious code in biotechnology-enceladus-jovian-changelog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f3c36919a7001f229303c0e8f4408d4ac99f412e66f6940bfdac27e941ef40a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in chai-juno-eleventy-hydrogeology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a651f6b98ef3ec7de1e3366e3618090aba6d851129a759dc82198724df69145d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...