2 matches found
MAL-2025-138916 Malicious code in original-lavender-hoverfly (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a7cff724291031461ab159ba45bb2ac32653ad7f88919277281836ad9fda92a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-117186
Malicious code in original-lavender-hoverfly npm...