4655 matches found
MAL-2025-147459 Malicious code in rimraf-sync-koa-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 532009f657580cbf19bdbec5522f5677ade66238901cab4f4b3a95a524b4dd7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141159 Malicious code in corvus-luna-chromedriver-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abc57845ad897dab7e51dc698f8f4a85f4640e5b4759380e4673f476f8d7a59f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146373 Malicious code in polaris-sync-procyon-sagitta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1434d4b6bbcde4dcf7e4fa46ea40212da7acbc15f97dd7d0c59b9c7366c8048a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142987 Malicious code in got-sadr-mocha-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40d82631c478969a084a95044f545da8cde4bbd9f304f27c6bded05d9020213a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-113307
Malicious code in ganymede-io-canopus-sync npm...
Malicious code in ini-delphinus-fetch-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 685d40676848a894fe55a348008ca0bd6c6005b42422e1675050fcd0adb0f43f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in got-sadr-mocha-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40d82631c478969a084a95044f545da8cde4bbd9f304f27c6bded05d9020213a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in avior-sync-enif-protractor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89e3a83c0ebc9b62ac07880fd2b7ee24acf354995ffbb017c950d19e49d7f208 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in polaris-sync-procyon-sagitta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1434d4b6bbcde4dcf7e4fa46ea40212da7acbc15f97dd7d0c59b9c7366c8048a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sadr-process-ini-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e99699493d67b9e69638403e5ff42e8bcb51dde5d15221340e4921f8cdf49a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dependencies-sync-eridanus-bunyan (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08aa69c1f04a21c437aa1c182048b5f6146d8ac5ee652093cdb056f483f5db7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rimraf-sync-koa-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 532009f657580cbf19bdbec5522f5677ade66238901cab4f4b3a95a524b4dd7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in start-mongoose-scripts-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9c8881d3331a199f19842e80240df5da41adea1181cadde5924c73d69f70e38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nashira-sagitta-tailwindcss-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e01aa82b5cee7d7f29ead05831e499f5b5cc3032624bb089c35c97543f25b33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-112360
Malicious code in izar-cassini-ursa-sync npm...
EUVD-2025-112115
Malicious code in jsonp-ignite-sync-link npm...
MAL-2025-144041 Malicious code in juno-sync-middleware-ini (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5262c9aa5283b0187448f086b75b73d09c9b6329b9468931b0f2d7e353f198f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142426 Malicious code in farout-sync-regulus-node-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab15b377e01838c81e48ce3e12a9f793df1cf6f08a8352491c27361e3411dd96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143753 Malicious code in izar-cassini-ursa-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 844171ec081664cbf20fd1c8c743f71ddc8ecc7ef40ef3b54fb7c6215ede00e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140696 Malicious code in chariklo-gulp-sync-child-process (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8da4da04f9f6c5b6991dcb2017d11ee5925ffc8c98afb5519309453f5c30e25c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...