102 matches found
MAL-2026-5282 Malicious code in mrbios (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3bc0ad232af6f3dafcf2d02441531485e0b459c2659542375c62f4f7003c9e08 Versions 0.1.1, 0.1.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
hackage-server 跨站脚本漏洞
hackage-server is a Haskell open-source package repository server. hackage-server has a cross-site scripting vulnerability, which stems from the direct provision of HTML and JavaScript files. This vulnerability could allow malicious package maintainers to hijack user sessions...
Malicious Package
Overview rt-footer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
EUVD-2026-1378
Malicious code in openblox-ts npm...
EUVD-2025-178661
Malicious code in greatfilter-lithosphere-isostasy-rocket npm...
Malicious code in anak-jalanan-mdn29 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20c4c6cadfc42922fba40f819eb2ad5ee38de10b62eb333bd8c70d9759e5e43a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-113497
Malicious code in fornax-csrf-buffer-remark npm...
MAL-2025-142673 Malicious code in foundation-sync-jwt-dependencies (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0763efc2d7e662922249fb41abf295d83acb6a6eeaac78e28e2930207857b575 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-101027
Malicious code in vera-empal69-riris npm...
Malicious code in adorable_fox_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a27e7786f641defd4833c31fecfceeb0c93f407a4d3bf415d2804571e51d751 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-101047 Malicious code in cranberry-notthedevs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d304027659209740433caf4910ee8ca8992e7b482f001e49c6e9496907d7309 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in putra-rangginang25-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8d1e1012385a9f611103f6daef830edb86fec093c40afd254624241f92ff6c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-72333
Malicious code in iwan-tahu84-tititugel npm...
MAL-2025-90587 Malicious code in sinta-soto55-apidev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47ab25449378ab4eb3224da90e00252fd87f6633ec197159cd638a4596a24086 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tuti-bakwan78-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb3108dd19be366af22af721fc6c06df60e3253c74202a9f78a9f6bedacd6e2e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in iwan-menjes70-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68c7e17025304f4b0c4455ef8ccac2b0d802aaa6ebd02c8b9a25bd0c5608b882 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-50639 Malicious code in vera-peyek48-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6073fc534b9a7e2b4290fa0d2034adaff35af8c0318c03f6123f1ca7394143c The package vera-peyek48-miaww was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...
MAL-2025-50405 Malicious code in fajar-sambel40-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ca9c6587d4d84daa0288c9a84982392a9c855b6a8cf36859ca1f253ffe07361 The package fajar-sambel40-sukiwir was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...
Malicious code in arif-kue51-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8024c043775d225224a638d6aa61119d85eb7c8a6526865a5ece9d0dc7eda19e The package arif-kue51-riris was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded n...
MAL-2025-49620 Malicious code in yanti-brengkes77-tititugel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cd8c69a43df9dd9bfacffa3e182abc79ff26e4e88f21e007dcff4d8ae3fbe50 The package yanti-brengkes77-tititugel was found to contain malicious code...