Malicious code in class-weaver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4e45cdd0a93db2db56ae7fd2c348305a5ce7aeab9c6fb4b2331c2a547b2c5e7 class-weaver advertises itself as a className/theme utility keywords clsx, utils, styling; exports named classNames and twMerge mimicking...

Malicious code in nokire-genji19 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c1574f9336b8e61d756ec719367753bf45328dc1e5353ed32c792bf8b5dc56a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-154830 Malicious code in fadila-poke1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a4763a925e20510b25e35310a8f9ff3b33faa69187b219a2776ca4470f76c67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mutaus-muiop-butysd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c67e52174476e2caccacdb3c72613ffba8906080474269e8ded97b20894b8f8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-117133

Malicious code in reduced-gray-chickadee npm...

EUVD-2025-69109

Malicious code in maman-lutis1-ruro npm...

MAL-2025-110721 Malicious code in wati-wajit68-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b6d383e5c4d4721b7591bdd46b99e4dc181949517db8edc06bb9605ac2bc494 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in oktafian-sambalado3-tititugel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2446096a2b988689191721ca1711677428e632334e8d83fc5314e31f4fa16e6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2019-0792

Malware in sbrugna...

EUVD-2020-1469

Malware in sbrugna...

EUVD-2020-1444

Malware in sbrugna...

MAL-2025-37007 Malicious code in todlib (npm)

The package todlib was found to contain malicious code...

MAL-2025-6670 Malicious code in z0rsdumbtestnonshould (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-6653 Malicious code in schematics-cli (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-6652 Malicious code in sajarilib (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-6420 Malicious code in frontend-feature-flags (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-6419 Malicious code in fooldependppu60h (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-6415 Malicious code in essentialss (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-6413 Malicious code in emailphotogallery (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-6404 Malicious code in boost-chii-new (npm)

--- -= Per source details. Do not edit below this line.=-...