1179 matches found
EUVD-2025-116010
Malicious code in bootes-stop-transform-kronos npm...
EUVD-2025-121158
Malicious code in transform-norma-flare-carpo npm...
Malicious code in express-epimetheus-transform-antares (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54e3d5027fe575e774c42be59151b712d7df1bf2876ab3c75535e3bdafa0779b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-121159
Malicious code in transform-node-sass-jwt-mutation npm...
Malicious code in sqlite-transform-jest-loop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4edbfb4264847c384da631ea6bc0589e5e25634a72695e65abc456edddc215b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in exec-scorpius-toml-transform (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7daf0e843578606a660a5a5683f1243e6794785cedd068b8403e79e4357aa2cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-113691
Malicious code in farout-neptune-dione-transform npm...
EUVD-2025-111166
Malicious code in middleware-blitz-mutation-transform npm...
MAL-2025-148772 Malicious code in transform-publish-sedna-cressida (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0a03fc8338b4b798f1a5808c0388729affd3e1aaf3ffed404918845befbbdb6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-139264 Malicious code in airbnb-transform-apollo-terser-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 286babe43131b1bc5666a0fb2c46ea3d0a97b51b5aeee903c931463caf7e1f60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143522 Malicious code in ignite-pm2-postcss-transform (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8095a9cb35cc211097688e59741a37304773dc1f5130ed8ae6a8a9f8eddfcb5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148723 Malicious code in toml-transform-mongoose-cz-conventional-changelog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4c5aa347312aa9608e31732bf55144c791fd30f70ee314980a49a5e5bb3ea7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in atlas-transform-taurus-xanthus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f0909ba4909733d4fac4e56663f46711f68ddc92b68de6f9e53ac2818f36279 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in toml-transform-colors-uninstall (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91d70cd2849f53b4ee927dbd5ce6124dc606282f9efcab3a38d79e9435a06b6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in meissa-supervisor-markdown-transform (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a60cdc4d5317b650a261573ff13fe8a451e6e91f68730697fa7045ac908f307e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in transform-es2015-block-scoping (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4e96489b1847106951744b2eb46d3c771d38406ff77d148fa97dd349910a934c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview transform-es2015-block-scoping is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose...
Malicious code in transform-merge-sibling-variables (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8d380989059db5a476085e3c65f461f844bd193d30a4f2558f711086525e20ae Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview transform-merge-sibling-variables is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...