81 matches found
MAL-2025-63459 Malicious code in inclined_louse_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c9ac2f82d1b30e5e15dc099532caf5ee4cbc6c3898e2dfd6e2d614f1061e9d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in zul-enting43-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42d3bed3060a364dd24e1c084aae8f749038e913dbb78fa879b027f0b342d3b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bayu-teh15-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffcd6602ae814613ecf8efc41a922ea7445cf16da8d6457f6dac3b76a488bf52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in laila-tahu81-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94d7d5487b25cf5734d6c71afa399d6dd647ec8e466ed13af6acf473a64aadc6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-55736 Malicious code in crooked_heron_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d333df5d2bb2410bd16346b432413c7fe6ca871c25122066e725cf2b6e9ba71b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-54235 Malicious code in putra-lutis55-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac1503d3a96f80148b1174ab12255db9179e2424d4754a3ea198483181443488 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-50479 Malicious code in gilang-tapai12-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be5f5a3b66d6a840350f1c953747f147622265571d33571737ce62d1522d5b20 The package gilang-tapai12-sukiwir was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...
MAL-2025-51891 Malicious code in fitri-brongkos43-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbf1c411850b4a1d643d02812c4efc1b9b47de4d342f960770bbb3291da0e941 The package fitri-brongkos43-miaww was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...
Embedded Malicious Code
Overview @basic-ui-components-stc/basic-ui-components is a starter project for building a standalone Web Component using Stencil Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secre...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...