2123 matches found
Malicious code in protected-thread-cron-integer-alpha (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a8a54f3515cbdff294501d3b30177d1f4b221d5540a7178e1efc0fbbdc57b0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in await-rate-limiter-ophiuchus-chai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1583797f17b8931350761f69b3d6a8224213ed0a89d3bfece1cf00b321283672 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187495 Malicious code in install-enceladus-mesosphere-superflare (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa05ee353befdf7fe1c329eeca05b4cc9cee78fc3dbac41901ee4bcd6609fefd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in throw-async-object-public-integer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10aa1d7a7d6befddd3451e86b4c9d3ff5167678967dcb13fa5be0d980ffd643a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in orchestrate-grid-dog-air-route (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b71aac15729d4867908bda7b5b355123208f728af5b784bf36ac34155117e4da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188876 Malicious code in prompts-xanthus-blitz-eslint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5254336ae396f90fdca8d9a98e3c45ded6be01d1e812733bf65f8d8a93c58b39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in epigenetics-kinetic-prompts-taphonomy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c64afb51cb674d9db30da191e7520afbe5e2a9027ba0932f5a698f2fe7425425 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in thread-monitor-async-omicron-optimize (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 061a9053ababe92204caba04969dab4473e5750eb9caadfb4089a4ccc4449c5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189890 Malicious code in test-sudo-notify-meta-orchestrate (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a621f4890e260b07bae44ac3d0fe50d6d1706970159cbdf42368fb889fbe1745 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185541 Malicious code in arcturus-centauri-iota-puppeteer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b062fbcc4e77a805c34328bb8e4095c779c20a7fe585cf258b619b7029d33cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189197 Malicious code in resolvers-foundation-library-kastra (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c05e9755af5296428d20e2af407f0a2bbeeb2519e0199e94b2aca7fc6210c71a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189165 Malicious code in release-it-library-start-inquirer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 348aaa3d96cbbca9efb6a3b8e5c7e01f9bfc1413dce9e60070864b028329ab09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in paleomagnetism-izar-gacrux-kaus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b2dbb229aae42fe5aa081a87bf1a6ae6488abfb909b16dcfe7a4f57867aab85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in oscillation-aquarius-ursa-parallax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7127678160b96508d807efcfe044a57b7f9a9206a3c2546e146450bed08b547 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189726 Malicious code in subscription-proxima-levels-phenomic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ae0a4d1da9dccbfd49a0d5afe640d0eb483fd0d87be0ffb321142c0dec91f2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187803 Malicious code in lint-auth0-joviology-jovian (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbc97a55208b7ece6a83f42b44139024e81c21bdc1b43050810b785e84bf514f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188634 Malicious code in perseus-tectonophysics-iota-xenobiology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1657f0e5dbccaae1e34f55c0c23f8d33d107b19aefd6281a229da5a52a944ac3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190441 Malicious code in yonder-sedna-innercore-slidev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 235087749a464cd5d6b6c22ced79614476b2f65285a4ec733bc5e779af8e4a45 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189499 Malicious code in simple-await-try-book-epsilon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e39b3a10e41800c4664d93a4fac3389994bd787c8ea852f61631ec227e3b8cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Dark Web Roast - October 2025 Edition
Dark Web Roast - October 2025 Edition By Trellix Advanced Research Center · November 13, 2025 Executive Summary Welcome to October 2025, where the cybercrime underground has officially become more absurd than a fever dream. This month’s headline was xltshirt being royally fleeced out of $3,000 fo...