Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/12 7:18 p.m.4 views

Malicious code in rindaman-poke77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21f2f31c93b002c37d4b0f07b2586549c04e5da093ae453d71a6106ff5d89b6c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSVadded 2025/11/12 4:29 a.m.1 views

MAL-2025-145149 Malicious code in mongoose-colors-private-metalsmith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2016b08d398ea500476ae7f3915149632d7a439309de048e028ac5181209428f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/11 3:19 p.m.0 views

Malicious code in putri-lodeh81-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c6c53e56f18c9db8b0f3ffa5046136f6b4fdb5adb4b36a3999f99b67d5b55b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/11 3:48 a.m.3 views

Malicious code in maman-gorengan95-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62388c32c18c7f0470391dd9228f1f2773081fad61b6fbfdebede4e3b9d029da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder