7 matches found
Malicious code in gemini-postgres-rehype-sagitta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 835234f600dc962131b0c036e7163ad52a55b2eff7514f87441427dbc9a88dae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-153826 Malicious code in bitha-30 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9279a677dd31d83f864ea5ab52a1cc5d6b7fab649b06aafa27a16380bd99651 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in supervisor-achernar-grunt-pavo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48f323ac3d0266c611dc785a29dda3609bfb5ebae4b6c82d2daffa3d7ab3ae38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-6690 Malicious code in ace-widgets (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-2529 Malicious code in syncdaemon (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5bb66f3a9159e25129919edb2f4a2e771c86ee56706bcddaa2c0c2fcbf0df0c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1921 Malicious code in reqmanagementui (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11312 Malicious code in bigcommerce-monit (npm)
--- -= Per source details. Do not edit below this line.=-...