186 matches found
MAL-2026-3625 Malicious code in github.com/BufferZoneCorp/go-stdlog (Go)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Malicious code in jwt-polaris-accretion-transform (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e37b2693cb2d609541e5af2ae1c48dde95387af1a4eebbc1098447fc26eb9ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in playwright-wormhole-phylogenetics-inflation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 998a8014614f0315a660ed56446d83ec0dcb914bcbf25832b2ba07ba5e3b4ad9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190108 Malicious code in ursa-inflation-atlas-taphonomy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f08f459b286f25ce6361ca667b880bc5e7084907c298b11aead0995d00ae6e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in auriga-parcel-soap-nashira (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbe5b1c35448ad73eef103c3a367ab3cbf211d6af7d8138c9531cad4d079c357 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bellatrix-panspermia-websockets-gulp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 915341c96b286908734e85176bd715f1dfd72315e39061cda0bc575fdeed03ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in one-kat-ibudafrfdaca (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2613d53a01871fbc317cbbbf7defe01a4fd7666407b91e7884d917a2ab57f3a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in inda-fodja-gifaa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be70e3925cf9597e50891f0602f647637af0b9602b34aba62929a76bc95b8aba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in modiov-khan-avd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc7546b8af6e3dbd01a2401041a63aecc4fc446a4a181e716bb8c0752093f870 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-182779 Malicious code in indea-fodioj-agafba (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50ce66689fc6613776d0a7f0fadf7d384969759679217eda930b7fb1e7d45adf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-181462 Malicious code in cewe1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ca0a53a7b53e1bc4f8fe9f02a28ee2e58c29342e39ba3d8d3ee8ac80e4dd69f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-179522 Malicious code in anais-papmoa-0pimaa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1cc60316d867570aa32f89de05bcdacf88d39fcd96b5834956048ae9448be83 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-180824 Malicious code in teate-thy-sonic-ozuwo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ab266077506e036c956c8b13092b910ca2b6621fe5a44cd684675f8b9c5f645 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-179491 Malicious code in anabuyil-n1n-nii (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1470afc266a73fd851c30294eea677160d2126dfed2d4daf3ee45f640bb908a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in anidata-haulid-mua (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e280ac5de0c4fff39a52d0f6d07040489b824109103429432616f9905ad5728c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-178510 Malicious code in sahuar-satidaf-fagubaiago (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb99ceae30e6f97fec6f8fb0a7111c4fcc1a08ee3e35126dfcee2b7350a658a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hunimi-satihub-naib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 772e071c1c9d5178489509dad7f7e4be34090be4cb189c98b653bfbac6fa8a74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in thudsdmbi-uyt-unu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c104a4d30bf48352015f2092380a43cec35b59c44a3eb3b65bd53636e975940e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-177626 Malicious code in polymer-afaj-ratfaaavdaf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a62cbde60da3521c0e1275f59c87978bc8ca9deaa1acb8220ea4058621679ef2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...