50 matches found
Malicious code in polymarket-kelly-stake-math (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9798cce0effcbcf5ed3295f322a375bb1a3cbb7e9db4b7d88c802bf5116639e3 [email protected] advertises itself as a pure Kelly-stake math helper but its postinstall hook scripts/install-check.cjs, invoked fro...
Malicious code in ts-eslint-jest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e1ffed26d2d64bf9076210504de22b87e27a065821dedbc708fb05f7c47db74 The package [email protected] presents as a TypeScript/ESLint/Jest helper but ships lib/collect.js, which imports childprocess and invokes...
Malicious code in class-weaver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4e45cdd0a93db2db56ae7fd2c348305a5ce7aeab9c6fb4b2331c2a547b2c5e7 class-weaver advertises itself as a className/theme utility keywords clsx, utils, styling; exports named classNames and twMerge mimicking...
Malicious code in mutaus-muiop-butysd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c67e52174476e2caccacdb3c72613ffba8906080474269e8ded97b20894b8f8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nokire-genji19 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c1574f9336b8e61d756ec719367753bf45328dc1e5353ed32c792bf8b5dc56a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154830 Malicious code in fadila-poke1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a4763a925e20510b25e35310a8f9ff3b33faa69187b219a2776ca4470f76c67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-117133
Malicious code in reduced-gray-chickadee npm...
EUVD-2025-69109
Malicious code in maman-lutis1-ruro npm...
MAL-2025-110721 Malicious code in wati-wajit68-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b6d383e5c4d4721b7591bdd46b99e4dc181949517db8edc06bb9605ac2bc494 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in oktafian-sambalado3-tititugel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2446096a2b988689191721ca1711677428e632334e8d83fc5314e31f4fa16e6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2019-0792
Malware in sbrugna...
EUVD-2020-1444
Malware in sbrugna...
EUVD-2020-1469
Malware in sbrugna...
MAL-2025-37007 Malicious code in todlib (npm)
The package todlib was found to contain malicious code...
MAL-2025-6670 Malicious code in z0rsdumbtestnonshould (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6653 Malicious code in schematics-cli (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6652 Malicious code in sajarilib (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6420 Malicious code in frontend-feature-flags (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6419 Malicious code in fooldependppu60h (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6415 Malicious code in essentialss (npm)
--- -= Per source details. Do not edit below this line.=-...