132 matches found
Malicious code in @rockawayx/utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e286c45b54ab9002ef8b7eec7ec686afc0bb82c2867c3640c460c8d1052b2bab @rockawayx/utils squats the unclaimed @rockawayx npm scope and runs a preinstall beacon on every install. package.json declares "preinstall": "node...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...
Malicious code in @cloudplatform-single-spa/svp-gateways (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Malicious code in @catamania/ui-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 326cc4cf1fbe96c77b6340df59ebea040cdd522e3e4bc76471563190044cf53a The package declares a postinstall lifecycle hook "postinstall": "node postinstall.js" in package.json that runs automatically during npm install...
Malicious code in entanglement-australis-event-leda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fe1daef2ddabff000c930f4c64f389381e92e08eed834fbbb30fe6bb729393f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tectonophysics-transform-crust-sagitta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 362c7a3c2a387c1b0b23c2ad16e0ff6e12215ac224b7fe3f752d831110cf1fcd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in json-docusaurus-terser-aurora (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2a92e7f61c80858f54bd20a3fd7e937f27f7d9ed09ec3e392e39a2ab47a204e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in commitlint-resolvers-procyon-pm2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c84a42a0bd7b27857197441ce982e9035d4e93ebf009d7bb23942627d9ce0b70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sirius-spectron-webdriver-mutation-glaciology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9e68fd5f36e91ed5d055cf305c8aaa3cbad0639e36219d2bc00df0237ff9c4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187102 Malicious code in ganymede-levels-changelog-norma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4be57e2d19eef99afd220a750db064df4bbc79106573179cd8f3529f363bbaaf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in modiov-kihan-afd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63f05cb3e2527c643e2cd3e95d12b5812045997c0d39eb6ec36fe1b5eb4b8fd5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lomi-ifush-ugikoi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 281ad84b9410bdb0c19ffe282b3542e0e0f3671e8ebcf075acc61d7f41bb54f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in gociay-uga-agidug (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cc6248bacdfabdf7e86d071d14d36e901583ffabf723e76a952d9859eab376f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-183288 Malicious code in kiudt-acavog-agi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 968f90ea9195dd76bdf7421c2fe74a4adaa31227f502d11dcf996cca7424da6d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-181918 Malicious code in avarage-olios-nol (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60f825f3f8feed65f8d0a66c801da5995b866c7a3ae4eedadba4df7ff8175ac9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-181270 Malicious code in @akunsansan0/jorelat3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2116bcc295cdb36b79c0dc1152a23c10dfe80389ba0b840ef99b00f067aa0a27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in teate-thy-sonic-kesel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0e7a67c7fc150412f352d36697db608131c4796e98ffd98c30024365d179951 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in polymer-ibao-sgdahsdi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a23f882ce7b2b39064dd8cd91b9725c4e3e24e92621b093cdcd239e21f67dc54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in poglymer-ogaih-gafc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5fb13575327516c54071e239c2202d7248ce313ef1486454464d32e17e57244 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...