84924 matches found
Malicious code in @antv/s2-vue (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
Malicious code in pegasus-quasar-oscillation-titan (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83f01e210d092d65bfb2d9e9fd1c8b58ae91f7c2b576e31263551297da6ad93e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in jabbah-areology-archaeometry-vega (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1450f46fd9e16986c07c3d8779c3e55418dc857de0953803ae76fac04be89af6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in pegasus-hermes-greatfilter-procyon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ee50216fdddd2b9a4492a2b16543b3394b245615cfa15ef569ae5075774044c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in selenium-cluster-framework-eleventy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 945e3261b632eb6a730ff1c7db5709620010f8bf20bb163023ccd934c64a084f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in delta-string-enum-thread-uglify (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cdaa218fcf1da6962e6363ac39a9737390e281d97f094cb7660d1ec9e6b733d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in chakra-ui-fornax-umbriel-wezen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3365ea447d8e6476fd1db57f2e6c33bf854a5c9ab298ad0d5aaecd0e6f783ed2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in protoplanetarydisk-zenith-mysql-palynology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3a74138497749e5f498f269b5c421cfe84c7dbe035d4919018d99e7d062d9bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kernel-encode-benchmark-interface-virtualize (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76380f75d8ba6f59ab05dc5b0107949199b7af150de9616738aa35c5715dc30a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in aether-procyon-charon-spectron-webdriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0043c2d601e5e737e24d450f0337f2b0fd8171c546edc58da69d61cc5eac5df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sanitize-sed-transpile-analyze-sandbox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0255f3ef4a6d499d802e5dd3e1c3ed31caeb68c77cd945be657b3bf65f132070 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cli-module-publish-firebase (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e2c574de55331c0e324822e435ebfe908647b9d1b6a58c0006c40ee7959d408 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in gemini-postgres-rehype-sagitta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 835234f600dc962131b0c036e7163ad52a55b2eff7514f87441427dbc9a88dae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sagitta-tachyon-rocket-nodemon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87105f7a55705922e8228e6ee258afe22d3eafa3dd23c68fa837dfbbac199b56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in whitedwarf-meissa-standard-mira (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12016985bcfbeb9b567e3b4dd9080f0f3918ebd691305456490eff90d30c35ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in air-epsilon-zeta-key-bundle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3315bade14bc91e0c028f375cddafcc7a08630f221281feff53d52abe8355d54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in andromeda-grus-leda-leda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ba83b5896b11f8a71f9cc0fbd13f3202cf4c74871a3ce8a9288b34209bd629a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in byte-root-test-kappa-sudo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9828a39584b83c1b225e4838169006453b25472c92126df3386cf377a7da123f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in warp-elara-leda-bulma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bba8246c9cb10c6c1adb2dad15906b9bbbf45d2841b4b415083c739160e1e80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in juno-pyxis-barnard-perturbation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03ba7667bb839b545547f830a7cd64064ebb2ed6a65582c2229a5f9a02be6dcb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...