33 matches found
EUVD-2025-117160
Malicious code in profitable-aqua-clownfish npm...
Malicious code in profitable-aqua-clownfish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e00590405f461dda0098122e87e1c693979c95cfc3cc20f847d3d36bf0363f34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-102979
Malicious code in profitablepinnipedz3n npm...
Malicious code in profitable_mite-silentdev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cde26b132991696977fe5a2beb2f7dda02fb106e7fd08d4157047a4508c79a38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-75951
Malicious code in profitablemite-silentdev npm...
EUVD-2025-80872
Malicious code in profitablerodent0xrequest npm...
EUVD-2025-71406
Malicious code in profitablecatz3n npm...
EUVD-2025-62507
Malicious code in profitableorangutanrequirement npm...
EUVD-2025-52610
Malicious code in profitable-magenta-termite npm...
Malicious code in profitable-magenta-termite (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ea1718a0859d2885ebbdfece95aff118ddaa16dfcba31f957c34792fb9fc036 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-52613
Malicious code in profitable-beige-angelfish npm...
Malicious code in profitable-beige-limpet (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d98180acef905ba63a8f11b26d933557c47e1099bb9f328c4ffd3663cedbd8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-52612
Malicious code in profitable-beige-limpet npm...
EUVD-2025-52608
Malicious code in profitable-tomato-macaw npm...
EUVD-2025-52609
Malicious code in profitable-red-badger npm...
EUVD-2025-52611
Malicious code in profitable-green-panther npm...
New Guide: How to Scale Your vCISO Services Profitably
Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A vCISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs to grow their business a...
MEV-attack
Lines of code Vulnerability details Impact Tokens trades can be sandwiched for profit. Proof of concept The price of tokens is proportional to the supply with the current LinearBoningCurve. An attacker can therefore sandwich a buy transaction with a buy at the first lower price range followed by ...
Attacker can profitable trade with the pool
Lines of code Vulnerability details Impact The swap invariant used is unstable with large pool reserves locked. An attacker can generate a profit by trading with the pool, hurting Liquidity Providers. Proof of Concept To find some vulernable configurations we fuzzed the swap function of the Prote...
No slippage control while minting GLP
Lines of code Vulnerability details Impact glpRewardRouter.mintAndStakeGlpaddressweth, wethAmount, 0, 0; Here, minUSDG = 0 and minGlp = 0 means no slippage checks. This can be sandwitched in certain conditions in which delta between min and max glp price is higher due to following factors: delta...