Lucene search
K

80 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/22 12:0 p.m.7 views

Malicious code in @tinyfox/shapecheck (npm)

@tinyfox/shapecheck malicious version 0.8.7, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

5.9AI score
Exploits0References7
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-185691 Malicious code in await-figures-nodemon-genomics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a869a28f31c40cb68319afbf18203d968e72964b99a41e113d39ae9f9c6b6c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 10:25 p.m.7 views

Malicious code in imodiov-ofi-cafacevavisvoemolcabyca (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 962607cb45586f2764eeea9e30e1d283b9636cf945d3d9cc828b964090b7f75b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/12 7:18 p.m.2 views

MAL-2025-174552 Malicious code in haritono-poke16 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a67e75e2a878dee62ae66da04541fd65ead2cf177b06bd2e19f08123c934f6ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 6:0 p.m.3 views

Malicious code in jacksonmason (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a26ec54d4324d2cf6bb67baa2a15b7667b289c8fea3cb52530a4ac10c18f009 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/12 4:47 p.m.2 views

MAL-2025-164536 Malicious code in prayoga-poke38 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2a3e5657f930a584288ca2908d1941fa0e57df98ae73f62bb72d339eed6c95f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:47 p.m.4 views

Malicious code in mahnud-magu-naikufam (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aec428aa134d7eafd24ebedabe4cf4c5b34ad71b680de2ce280e42bc6de0b58b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/12 4:47 p.m.2 views

MAL-2025-152694 Malicious code in angin-poke37 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d560712bf43dd69553bfd68726aac8cad3ae6d1cb54ca40f3c39718780267a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 4:47 p.m.4 views

MAL-2025-164519 Malicious code in prayoga-poke22 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c54bf352d67bbdc1244586375c82be3aecdf0e2aa507ac2aff018f96241041d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:29 a.m.2 views

Malicious code in hydra-standard-dependencies-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 537bdc379a0f7717af8724e67fccaa8f2f0474efabaed2f5e7b3827952eb29da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 10:56 p.m.1 views

MAL-2025-134019 Malicious code in hadianto-lengko53-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b86344aec5303d0f27e66f4e9ac837a0b91c5b60eee6e50e9174a37a7c4b403a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 7:16 a.m.2 views

MAL-2025-101015 Malicious code in correct_galliform_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d4b4b75421b2324b7e08720e9ad5db0fc483fa2762269a4113d34e0a0aced16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 7:16 a.m.4 views

Malicious code in okta-kupang19-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d229c4137d330ace6afa3a21542f24a2a29bc3174432dbc308a17907dd21d785 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 4:25 a.m.1 views

MAL-2025-85258 Malicious code in erwin-tiwul47-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 288c034863766badc06b956fe2228c63698fb5bb9b5c31948d45afbcea5a34fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 3:48 a.m.3 views

MAL-2025-82304 Malicious code in wawan-ruwet50-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 865bca909dfefd36864c35cf8c85a7a1b45027b4f08e31762cd95c112956bda2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 2:29 a.m.3 views

MAL-2025-73061 Malicious code in galih-tempe35-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1e704927832caebdf9b9f691eaa9b1bae662b1b1fcc0c861df49be9ae1210a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 12:41 a.m.4 views

Malicious code in back-tomato-dog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfc9eb96f6ea491f125e2a8ffc9ab979f049abeece0051f7269e05d6a12ecf54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 12:41 a.m.4 views

MAL-2025-66630 Malicious code in acute-coral-blackbird (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16545de8ba919418933e1254d4acf55b5677757bff170f418d20b00024f07d65 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 12:17 a.m.3 views

MAL-2025-65516 Malicious code in tania-enting16-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b41ba16489f44b636b552e11dbfe7e741104bf95dd7fd25e2170355d55049b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 12:17 a.m.3 views

MAL-2025-63459 Malicious code in inclined_louse_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c9ac2f82d1b30e5e15dc099532caf5ee4cbc6c3898e2dfd6e2d614f1061e9d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder