42 matches found
Malicious Package
Overview @apple-pay-trust/authorize-payment is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
Malicious Package
Overview pos-next-react-native is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview spr-i18n-labels is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview @usealloy/component-library is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious Package
Overview @dappaoffc/baileys-mod is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
Malicious Package
Overview docusaurus-plugin-launchdarkly is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...
Malicious Package
Overview closure-net is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
Malicious Package
Overview immer-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
MAL-2025-188315 Malicious code in node-sass-commitlint-lynx-public (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb7d81eb99a4b615630e9110e9e4e09cc3bdc9fe3ab07efd0d8b6117778b75e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in haruni-poke102 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc6861bd68c581810e950459e24ae3d7f33e13606cc523c434535d1c89fad2fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-168945 Malicious code in tehah-baut-rkonatol (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4fe6bc83e294f34daf83030b7bb2e76c5084bdde1a77a3942c62a84b266db96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-151277 Malicious code in abiba-avi-aumaua (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eebd5e8bbd6a8ce6bde9ac8fe0f0ca7e8096159ac8252002632ec66fe87c77ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148031 Malicious code in soap-postcss-kaus-concurrently (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1a9cf6fe05acdb7591a3ba704a2acfa5bf5787d9da06b4e57b260154da4174 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in social_mule-appteadev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eaf692dfb1b6c534ab3b39ebe4ae5a58b5f1867dd98ee9453507931b099f21c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in colorful_armadillo_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e27a09c6385cc77d7034e3698584efaa0ee8c53b5efed657aa7894469875a312 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-110723 Malicious code in wawan-bika27-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b5cb7820727398843d71788338c2d581ae441fc1aacd0756314cf6913bdba90 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-89430 Malicious code in patria-nasipecel42-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fff04fc7ee4a612af01db5f49939b2b1ebd5edc3f6bd864f8b56e5270de35ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-53325
Malicious code in mass-silver-beaver npm...
Malicious code in sparkling-apricot-asp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2731b94183927d512826bf9de6b1d897a9b1dc88db0c252ae7123294f0c1905f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in joni-ikan80-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cefcebf0cea393f88543a682dc29951e55b473c41b1532946afc371fdee7d92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...