Lucene search
+L

84924 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.13 views

Malicious code in @antv/s2-vue (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.9 views

Malicious code in pegasus-quasar-oscillation-titan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83f01e210d092d65bfb2d9e9fd1c8b58ae91f7c2b576e31263551297da6ad93e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in jabbah-areology-archaeometry-vega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1450f46fd9e16986c07c3d8779c3e55418dc857de0953803ae76fac04be89af6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in pegasus-hermes-greatfilter-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ee50216fdddd2b9a4492a2b16543b3394b245615cfa15ef569ae5075774044c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.9 views

Malicious code in selenium-cluster-framework-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 945e3261b632eb6a730ff1c7db5709620010f8bf20bb163023ccd934c64a084f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in delta-string-enum-thread-uglify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cdaa218fcf1da6962e6363ac39a9737390e281d97f094cb7660d1ec9e6b733d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in chakra-ui-fornax-umbriel-wezen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3365ea447d8e6476fd1db57f2e6c33bf854a5c9ab298ad0d5aaecd0e6f783ed2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.10 views

Malicious code in protoplanetarydisk-zenith-mysql-palynology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3a74138497749e5f498f269b5c421cfe84c7dbe035d4919018d99e7d062d9bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in kernel-encode-benchmark-interface-virtualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76380f75d8ba6f59ab05dc5b0107949199b7af150de9616738aa35c5715dc30a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in aether-procyon-charon-spectron-webdriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0043c2d601e5e737e24d450f0337f2b0fd8171c546edc58da69d61cc5eac5df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in sanitize-sed-transpile-analyze-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0255f3ef4a6d499d802e5dd3e1c3ed31caeb68c77cd945be657b3bf65f132070 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in cli-module-publish-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e2c574de55331c0e324822e435ebfe908647b9d1b6a58c0006c40ee7959d408 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in gemini-postgres-rehype-sagitta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 835234f600dc962131b0c036e7163ad52a55b2eff7514f87441427dbc9a88dae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in sagitta-tachyon-rocket-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87105f7a55705922e8228e6ee258afe22d3eafa3dd23c68fa837dfbbac199b56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in whitedwarf-meissa-standard-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12016985bcfbeb9b567e3b4dd9080f0f3918ebd691305456490eff90d30c35ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in air-epsilon-zeta-key-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3315bade14bc91e0c028f375cddafcc7a08630f221281feff53d52abe8355d54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in andromeda-grus-leda-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ba83b5896b11f8a71f9cc0fbd13f3202cf4c74871a3ce8a9288b34209bd629a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in byte-root-test-kappa-sudo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9828a39584b83c1b225e4838169006453b25472c92126df3386cf377a7da123f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in warp-elara-leda-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bba8246c9cb10c6c1adb2dad15906b9bbbf45d2841b4b415083c739160e1e80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in juno-pyxis-barnard-perturbation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03ba7667bb839b545547f830a7cd64064ebb2ed6a65582c2229a5f9a02be6dcb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder