3 matches found
siddheshtea (=1.1.6) potentially affected by unknown CVE via ruji-28 (=1.0.0)
ruji-28 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on ruji-28 and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-165253...
Malicious code in ruji-28 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e25684c13a6cd705d15ccee4f7404edf01fc9e2b0a40a3220d9006a59527652 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-165253 Malicious code in ruji-28 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e25684c13a6cd705d15ccee4f7404edf01fc9e2b0a40a3220d9006a59527652 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...