Malicious code in abina-amugymi-amamagu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f6c4a2c3369205fa54145bbeeedcaa28638012181503e49ef22e38b5c68a7ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in akanabi-abila-aia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac97fbc1cbf9a928528f94021e7400fb4733963cc891d3dfd795bb0697effcd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in guras-visa-malaysia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607f50c5cb9692aa7116c15b3c93042ef705cd20a266af11ec345508c32472c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112700 Malicious code in arif-kue9-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7db5fa06ee2cd598b71ce4833d0e2f06ec06872184c69e1252d578c1b8846f42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-93440 Malicious code in brilliant_parrotfish_requirement (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96d5dee66f2b42da506990fca9808c8560ede43b9ae2eecfc13641a6e7707a9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-84778 Malicious code in dono-sate57-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa50890d30de17d880df5b1639f52fa6fb55089591d01c90ebc4411b1e4fb12c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-77695 Malicious code in dono-martabak40-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81bb2d6b29b21ecefd6c246c5d45de3636dd0efdb9628c883fd82287316e4027 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-62582 Malicious code in disturbing_rooster_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdc4661837a90d92fd5473e343b7b8bf8503bca57cab49c4adb192d587ae256d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Invenio-Drafts-Resources 安全漏洞

Invenio-Drafts-Resources is a submission/deposit module for Invenio. It is used for research data management. A security vulnerability exists in Invenio-Drafts-Resources versions prior to 0.13.7 and 0.14.6, which stems from a failure to properly check permissions in the affected product. The...