Lucene search
K

906 matches found

OSV
OSV
added 2026/05/25 12:0 p.m.15 views

MAL-2026-4347 Malicious code in @devcarron/clob (npm)

A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in dog-process-file-file-moon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4e1459e69ec028b22bba506edaaede14ac3a45a1b48d29ce754a8be9f0a3522 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in encrypt-meta-authenticate-log-string (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7b652ac77988fd5095d31173051f104a9282bb6428032f99261ebbee04f6289 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in iota-centaurus-blackhole-cosmicray (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe9edd2d1e8b436561ebe0f717ae927f48886e57234216c51efa7ee60e1199be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.3 views

Malicious code in prompts-jasmine-wolf-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c4950e6676dcd08c2d832364db96e59567d89ab3b4af075fb7f3fc3b563b84a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in cladistics-crust-blitz-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c316f4e58246fa52759b2c006660c1ca9ee997f2706fb365c7d763fa3baf2b7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-190062 Malicious code in unuk-cryonics-gravitationalwave-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 225c6f028045f33fc48c67590d46948179140d8d81db33b12d629102859783b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-186280 Malicious code in config-regulus-auth-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602504708c1fa23065534bfce58fb93eb8c0713426b28a6b5331ac55f1425922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-187994 Malicious code in mesosphere-private-farout-boson (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 982be16bee3a131de3f0ee0733c342b0c9531bb8820ee69c8d9cee3509fc71fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.3 views

Malicious code in mock-parse-earth-export-hot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f34794b0828e1a200e5572cca5b219a30310bc6f4495e2634c3ddd92840c50ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in miranda-biotechnology-xanadu-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 252ea35406402f4bad38396317c238088ec6afcbe8e5aa922bda36ae0b271afd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in command-leda-fetch-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5feb6e2ef6c9afe8aa0d51f1a5b382e86c7f05202802ce99f9d5296a1ce376d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.2 views

Malicious code in archaeogenetics-astrochemistry-quark-chakra-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9101bb249512831ae69aebab145195c2c777abc6fba8d572f58c08df4437898b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in local-kaus-wolf-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a07177608ea4cda7a96b7407c262d50c29c3b1cfc21b7e19c5d347ce377dd175 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in repository-reveal-md-multiverse-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de52f7052500891977e9b92278627f7cabde231989ddf59ee96489c8f19bf65a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in baryon-antares-leda-cosmicsilence (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf008fa0c59cf2a2efbee43d63306487f972657743488c6054ff09cbe33d202b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-189161 Malicious code in release-it-apollo-norma-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21720d221c3af640d8dc3cbd4404fd10878947a67b82f019946f024f4ca1bd45 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-186906 Malicious code in exoplanet-string-bulma-tardigrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3db6d30965032b31e8676816820d7bbeb491cca49937b3702c7436d896a3b8df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-185839 Malicious code in biotechnology-enceladus-jovian-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f3c36919a7001f229303c0e8f4408d4ac99f412e66f6940bfdac27e941ef40a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in chai-juno-eleventy-hydrogeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a651f6b98ef3ec7de1e3366e3618090aba6d851129a759dc82198724df69145d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder