7 matches found
Malicious code in prosthetics-janus-cosmicray-spectron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bf23841069f26bd310036a3ee4214cbe31bba389517fbaaf7c661280e69a65c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-184048 Malicious code in mitoko-ontcmi-lapiokamaasi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e972db947077a67379e8e98580ccee6b047595610464042dd3ebc627422eb56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-114049 Malicious code in fitri-tempe81-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e187f9e7497f9a969cd0f99471939cb3a1a5aa4ee8785b9def325963b1e2468c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-54058 Malicious code in oktafian-mieayam41-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9123562497f15204d9483ae778abbcc5960405f06ed61373cb9fc430cdf82d0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-51428 Malicious code in citra-menjes80-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ee0caeeac3bbaff9063b2cbd7279262118c5ee5f12d5eaba602fe900557860a The package citra-menjes80-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flood...
Malicious Package
Overview karma-jasmine-i-request is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Huawei Mate 20 Pro Insufficient Authentication Vulnerability
Huawei Mate 20 Pro is a smartphone from Chinese company Huawei Huawei. An authorization issue vulnerability exists in versions prior to Huawei Mate 20 Pro 10.0.0.175 C00E69R3P8, which stems from the system not adequately checking package names in some cases. An attacker can exploit the...