6 matches found
MAL-2025-129148 Malicious code in okta-getas35-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85eece0e6528e1ecba32c62bcf6fd3e6f97536bb5efd3dd36429820facd6aa75 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in okta-ketoprak34-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccdeb95f9852368af8aeb1e17e82fae0ced66855bfd87d1bc6537b5a3963709a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-72077
Malicious code in okta-getas88-pore npm...
Malicious code in okta-kue63-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03bab93f8a3291e29dde70a1031bf27dd4a77a07612b482d5965de07118e71ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-53973 Malicious code in okta-nasipecel81-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e165563ad4c192505fba740c2ed703d8610244787463ba0f7619ac272cc8a070 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious Package
Overview @blk/idm-okta-sdk-js is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...