26 matches found
MAL-2026-4094 Malicious code in @antv/vis-predict-engine (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
Embedded Malicious Code
Overview: Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
MAL-2025-188349 Malicious code in notify-string-deploy-file-private (npm)
Source: amazon-inspector 261bf5701f54f586ce80f4a7f1529d9420634df6bbed2f132ab18fb20a29fa54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185027 Malicious code in sonic-kos-fgiafao (npm)
Source: amazon-inspector 8272ddaf144809d894182063c1348b143529b10c241b2ad070cf5805fc689fca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kapvino-soni-favavraia (npm)
Source: amazon-inspector e61ad79fbc01e8c3f050333f4c498becf893502ce8bb75eeb6f7de8d9511192c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nokiragne-afgagafis (npm)
Source: amazon-inspector 328faab1c0ad4cb9a54fff3e6a6097fda51015df96105f93578c167516044a70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-167229 Malicious code in teagood-nakama62 (npm)
Source: amazon-inspector f4772cad26423a85b4a26edf51211888d15543575499dca07046292f0944f674 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-157434 Malicious code in kapai-safma-agada (npm)
Source: amazon-inspector 421302c98ce5734454310a67c073d347d9a28437d13a430f92bcbcf20a2d4401 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-168449 Malicious code in tealove-nanami20 (npm)
Source: amazon-inspector ee19211fce23f4c8f2479ee02e030bb0a0c15595a5af3e8f1a0c42b6ea2d168c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dactyl-prompts-mongodb-equinox (npm)
Source: amazon-inspector b88854fec77d48a538cc347316977da952252004b4553d23a50ebc2866099197 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in magellan-selenium-webdriver-manager-chromedriver (npm)
Source: amazon-inspector dbc85defb5c47d81a6b7152dddb64836d50ee11205bac70928844a4534b6d9e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in xerxes-repository-parcel-ora (npm)
Source: amazon-inspector f168dfe75d601a991ed88a1e2c0e94f4def5659781b663e517164c6fa7625a4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in steep-harlequin-octopus (npm)
Source: amazon-inspector f387bb00bb1f855b2251f68befac3df1e9861745d83b87d91db9950be633ef18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-128449 Malicious code in mahesa-lapis48-riris (npm)
Source: amazon-inspector 9f2a5574ae6581493491efb534d39fd93a750c3f9427e17f88dec9777af4beee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nina-nasicampur76-riris (npm)
Source: amazon-inspector 70a62dba2080654e6074acf63d4d0db4a02ae1600ef323da5f63b586c2040d31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in okta-tempe82-breki (npm)
Source: amazon-inspector 01030e06c94b26aef53376e38dfa8b575a3f2ff37f384fa0fb182e70f267669b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in great_meerkat_z3n (npm)
Source: amazon-inspector b07fe3d2e29561e74e897fc12f5c4c92db18851284c3a80bcd92f1032990980e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-114568 Malicious code in handsome_bird_z3n (npm)
Source: amazon-inspector a2fa7efeefa169dd26d427689b9a8a7b49d745f4acfab34f488ae64cb5ab8ae6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in internal_beetle-strongdev (npm)
Source: amazon-inspector 9711b4536a8074abc2369706c0fb94ff33d015794bea749750c4d8005bdc3e0b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in prior_leopard_z3n (npm)
Source: amazon-inspector 79d1b712ec9ef1aa78d84e625696da794847e8bfef762731b027d2a437ac903a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...