1202 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
MAL-2025-188362 Malicious code in npm-global-sublimation-augmentedreality (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddd49961f0d54ac7944b8c564af29d8e2be7f5aab114048fc3a52eaad56e34ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186379 Malicious code in cross-env-cross-env-photon-superposition (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb2fb8727e1f7724d5accad4dc8d450ac3e5735b535600cb2fee7ed81e14ac8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188990 Malicious code in pyxis-hercules-scripts-request (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6a81f666995ddc6c6187d95530b91ea605e66fd4709f426879c3d30977691f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186875 Malicious code in event-bootes-dotenv-parse-variables-ursa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ae4e0c7b9d2e48b442477e4c3c2f2a64252e4a63f95a4e5c549a3e8047be585 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in chalk-stop-indus-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87bb8e1129a1d5a199fd42030542e91c8c409a534084d9519532cc4057e92cc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in postcss-loader-hapi-publish-event (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f30a4b6ed232f3a0f88e9b315c00447a3e16a47c406a885a51e8efb67a3253d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cat-void-bash-cache-bundle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 778f07c6825f30529d578e5e0b9222d362189c07821fd7aac30de9ef4b174d12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in csrf-callisto-hapi-nextjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3353f2b88309fec3f0a2db16bc2c7dacbf46763f6ef7ba45dc6a3742e6ec2f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in duplex-request-astrometry-titan (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2651fe16dc29246ea136b5abe4b863a53fc8361641f4db128a6e69e0911519d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in futurology-fermiparadox-parsec-publish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7932b00db63a52a64e991976f6b489776b42c5b992ba035510f6778c3fcd33c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in archaeogenetics-ganymede-paleoceanography-ignite (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074f632db2abe61d259b3bc4c1f8b0dace7f1c727cfead5c4c2611a7642171c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in apollo-xo-bulma-radiant (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d53fa6d63360ec3de4a80b2c87d0ef1b1c8be878f55db4510f568325a0e0271 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in report-epsilon-socket-beta-sudo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86a374b6f621a7480a7de9e738180564cc75591db6337a7b845ed16decbc25ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...