MAL-2025-150122 Malicious code in @mipta1/middds (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30da189e5843022cac1577d85974e7a1c4803599c07b91cceb11349c19be24c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142519 Malicious code in firebase-webpack-semantic-release-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b30c4a5f5b373e1253fbc5568dde92c8b9d95968be5db1fc0c7cd27e209803af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Schneider Electric PowerChute Serial Shutdown 安全漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown, and energy management software from Schneider Electric France. A security vulnerability exists in Schneider Electric PowerChute Serial Shutdown that stems from an improperly restricted pathname, which could allow ...

Malicious code in gordon-soluble-pot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f4d2da0bb721d756ce14dc7f84fe26344f1b19c96f21470d429466e9746ff80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in erick-nasicampur63-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42099d1bb00a440b99aba7de5caad9f2dfbf11338312eb95ae0b7bf94326b382 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...