5 matches found
Malicious code in modiov-kin-afudsaczub (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6c5deda5f76856e429d60884636348e273acdbcd8753bd54dac43dc0f945cc2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-161718 Malicious code in nacho-bunian-c (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08deafd3bdbddbf5ce5f5cbc28be6529ef6252661c07dfa1c1742192a4272f6c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in occupational-amaranth-buzzard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8dac78f5970a488917285472c72c67ff53a0c90384e403cb076c30578a0e865 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in late_guanaco_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3592625e8b09615e807b9d48c5ff3a0e361913cf9fffa050e810c47c939c3ecb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Upgraded Q -> 2 from #17 [1681332048307]
Judge has assessed an item in Issue 17 as 2 risk. The relevant finding follows: L-07 First user that stakes again after a period without stakers receives too many rewards The MuteAmplifier contract pays out rewards on a per second basis. Let's assume there is only 1 staker which is Bob. Say Bob...