80 matches found
Malicious code in @tinyfox/shapecheck (npm)
@tinyfox/shapecheck malicious version 0.8.7, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...
MAL-2025-185691 Malicious code in await-figures-nodemon-genomics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a869a28f31c40cb68319afbf18203d968e72964b99a41e113d39ae9f9c6b6c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in imodiov-ofi-cafacevavisvoemolcabyca (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 962607cb45586f2764eeea9e30e1d283b9636cf945d3d9cc828b964090b7f75b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-174552 Malicious code in haritono-poke16 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a67e75e2a878dee62ae66da04541fd65ead2cf177b06bd2e19f08123c934f6ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in jacksonmason (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a26ec54d4324d2cf6bb67baa2a15b7667b289c8fea3cb52530a4ac10c18f009 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164536 Malicious code in prayoga-poke38 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2a3e5657f930a584288ca2908d1941fa0e57df98ae73f62bb72d339eed6c95f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mahnud-magu-naikufam (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aec428aa134d7eafd24ebedabe4cf4c5b34ad71b680de2ce280e42bc6de0b58b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-152694 Malicious code in angin-poke37 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d560712bf43dd69553bfd68726aac8cad3ae6d1cb54ca40f3c39718780267a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164519 Malicious code in prayoga-poke22 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c54bf352d67bbdc1244586375c82be3aecdf0e2aa507ac2aff018f96241041d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hydra-standard-dependencies-fornax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 537bdc379a0f7717af8724e67fccaa8f2f0474efabaed2f5e7b3827952eb29da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-134019 Malicious code in hadianto-lengko53-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b86344aec5303d0f27e66f4e9ac837a0b91c5b60eee6e50e9174a37a7c4b403a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-101015 Malicious code in correct_galliform_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d4b4b75421b2324b7e08720e9ad5db0fc483fa2762269a4113d34e0a0aced16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in okta-kupang19-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d229c4137d330ace6afa3a21542f24a2a29bc3174432dbc308a17907dd21d785 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-85258 Malicious code in erwin-tiwul47-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 288c034863766badc06b956fe2228c63698fb5bb9b5c31948d45afbcea5a34fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-82304 Malicious code in wawan-ruwet50-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 865bca909dfefd36864c35cf8c85a7a1b45027b4f08e31762cd95c112956bda2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-73061 Malicious code in galih-tempe35-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1e704927832caebdf9b9f691eaa9b1bae662b1b1fcc0c861df49be9ae1210a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in back-tomato-dog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfc9eb96f6ea491f125e2a8ffc9ab979f049abeece0051f7269e05d6a12ecf54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-66630 Malicious code in acute-coral-blackbird (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16545de8ba919418933e1254d4acf55b5677757bff170f418d20b00024f07d65 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-65516 Malicious code in tania-enting16-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b41ba16489f44b636b552e11dbfe7e741104bf95dd7fd25e2170355d55049b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-63459 Malicious code in inclined_louse_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c9ac2f82d1b30e5e15dc099532caf5ee4cbc6c3898e2dfd6e2d614f1061e9d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...