191 matches found
EUVD-2025-111933
Malicious code in kinetic-ophiuchus-antares-run-script npm...
Malicious code in callback-run-script-html-webpack-plugin-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 281a3cc4cd04277d76318a794fe020a7ea9edc9d4d5148a26b7f40fcbf27f72a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dynamo-run-script-nashira-markdownlint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7361ddf24b24372d3f7d805c9eb58615f9f41cd1281ea692b6ebc64d1b3c543e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fork-run-script-json-bootstrap (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a487508b75acecea952348bb04e9172b5b203a5e9a7c982696c74b83d7457b0d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in got-run-script-proxima-await (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfa04a34a8e56c5c772f14564f419592876e974653aa8279f0dfc3c83c0256b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hapi-run-script-draco-hermes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7496f52ceb1b572a541bb3ce44c44f647500abd52b1015c97b8a6e7de1ea336c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kinetic-ophiuchus-antares-run-script (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1029ceb8cde15110cf4088fc5abf83c8ab1b9dc7c09f0ee072aecf0241750f02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in markdownlint-standard-run-script-comet (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9c922258173b565aad147f7ab8c8f6e2bd3797075453bb4b7d65c9e6481e66d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nightmare-run-script-cosmiconfig-non-blocking (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 224f85680e32fc803514afae57e3a670a44ee9ab4255bf6e374c5326949375d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in odin-run-script-scripts-bootstrap (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c79508cd48643557f134d37f5b6eb9f3da8274a39beb434b88d43ed6e801e5e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in pm2-run-script-eslint-plugin-leda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a817f06ae0a4d8dc0d41ca305b9e56576f1bd8664d47548dc7532d0c54975083 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in run-script-ophiuchus-cors-neptune (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1a09fd213361677312c1ca5e7462ebe175bcc01115ff87099c130dd7a70fdb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in thuban-run-script-callback-meteor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae8cab59643f284802fbb4cbd2c8e1b457e20dcfeb60ba0e2de324276c9adc97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-122367
Malicious code in run-script-vuepress-bootes-enceladus npm...
EUVD-2025-111618
Malicious code in local-run-script-ophiuchus-global npm...
EUVD-2025-114390
Malicious code in dotenv-parse-variables-electron-builder-rocket-run-script npm...
EUVD-2025-120242
Malicious code in xenos-run-script-weywot-exec npm...
EUVD-2025-122382
Malicious code in run-script-changelog-publish-canopus npm...
EUVD-2025-122377
Malicious code in run-script-gulp-hydra-jekyll npm...
EUVD-2025-122384
Malicious code in run-script-await-ini-ariel npm...