Malicious code in scorpius-version-convict-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27986efea5940e143ef52f332a5839f8ce777e19093bd76077e52dcba452c9f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in notify-omega-process-kernel-protected (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 227e8588cf0cf575c422c862ccc3a11b88efabe78157d3b60216f9835b90158c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in umbriel-transform-corvus-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba0535ab8475a2cfe19c1ada68feab5732883367dc7554d2a673d0616d955ddf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in execute-char-char-stub-serialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fe5d9354bb43f2724bc7efeec94e26f50bce0f7ac425402af053df136cd5c11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cross-env-singularity-europa-paleobotany (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aff3602c31a1c627dba4e6eaa8d920964d7902b51de88538778b11058f2f032b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wind-char-function-resolve-enum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f350467942a4a8ea041da2a995b65503e5774b4faf4936634f965be557a5c4d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in weywot-wezen-bootes-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95af838a5409ad46c803f49911e5142c4505a584392775561fc0e5b1eb266f01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriverio-wavefunction-publish-asteroid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dbd476dbd24f90f40965c0167d1e0e9d30a48c5075ce0ffa548800cfeaf17d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sqlite-duplex-robotics-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f41fc7d49409f364c1793b954a916bbb4f8dd865b8617e989669637876bd85d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in algol-aldebaran-cressida-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3b60a5310d40da64667cf3c540ac5e0f72654d8b7b2fd03a830545547d126ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supercluster-command-betelgeuse-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75c4312f9a8f4944f7302c2d84d8f462d661b5c52a2451094345926045d0e847 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in oscillation-grunt-magellan-dorado (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bd14a9cfb0412ff331fb4db228750a5bd7779ced3a892c4048366316c2786fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pyxis-alphard-event-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 516651765e6ec2134077f6e0128dfeea44e2a4ea76469186f299a7daa07bf2ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in orbit-typeorm-nucleosynthesis-tectonic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dd0f8906ebfbf9c904bb008379e1ef26813caad53f6b2009b17913f630de464 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cluster-sirius-promise-neutrino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 246366ab6b3632e7b423af9e451968b2bf746434d27260f7b68ffa2a924009ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in boson-build-tachyon-solis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e119e83c2c3e138467e3546a509359259ba2dc5811e76b7bfe8168f86ee3d73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wavefunction-procyon-archaeoastronomy-uranology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d827178311a22de7b56e9e1c381516b8c0e5313a960ee72e8474c15d154b6e51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hawkingradiation-volcanology-npm-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae30186c272ce2ebecaa6dab45b7ac36c848a48135232810939cf76480942ea4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in figures-proxima-sedna-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92d0b9329c538d56e5c03a9784fb71627128b7a5d0af3687c492dcdac386fa18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ariel-callisto-commitlint-config-angular-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cdfea94216d46394d4f07bde016b03bdeedf21face4db3ada1a9424b0a6e4aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in materialize-docusaurus-oauth-centaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 145bc41465ad46b2ad7229b3c6ebc74e835f3098417c904ae3ca5c4a846bb1fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in upgrade-async-forever-nextjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75caed0ce1fb98070ff3b33974aacb7b1939cc7108213d2042323c1aa276575d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quasarjet-umbriel-global-rest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5107d252300ac72e77d3226682a2382d559b0e1b387c3fc03169b328d0195ca0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in less-astrochemistry-ceres-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce97bc6d36bcde07bce91a015dec579ae6795f061e92685f77111fbb9c91bc6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmicweb-antares-lithosphere-phoenix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0506cb2e0e182f936ec1b74d381874e93fb15d69cc3a6e7245f53e539eba8e7f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in envconfig-apollo-dependencies-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc6efee11ebc8382fbece0fc1803392ff0837ae4af2341841d4b417793e252fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in async-lynx-lithosphere-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43ec24e13dc5676cd39326afe618afe0b9e4435ea88c7c601c8b2053d26a6c81 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biogeochemistry-test-express-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80da7adfdc662484fd92ec3d26801045267dac8ca72457ceb3555b61f87bbbc9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in thread-monitor-async-omicron-optimize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 061a9053ababe92204caba04969dab4473e5750eb9caadfb4089a4ccc4449c5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in manu-oib-gis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ddc6c65dee1b85a3729add344226cb2ddad682833ec29d7b4c092844ef57bde This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in goodai-ngasa-abainafau (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 328ff0bbd59aaa612d0843ca4e88aaf5edd034c68323d25a21868dc60e0abdf8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hassanraza (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c474490892dc4e0716e55c261f04d09b4490fb86ccd7668df43a6583243e465 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in digo-kamoli-ailasoml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e850873148b5bb8dacac08ace2faaf7478b27680811e61a36adfd1454a59fc3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in verify-tactiva-bsna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 415206c8f939b5351c3e4e74d2c86b91fc310586e5375499ed0afe288c93aa3f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in verify-tayic-iam (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db8d8d038ca79a29b37e92386fdb291ca60ceecdf940ecd3e293a567a0d9889d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kentung-69 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1630e8d30364b11fe31171b0442a0593613f7fab9cb95cb4394b828c8b43b17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in babel-pegasus-xml-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c99cfe63d56d39e7c66715a4797bb30032ba8dd6254bdf514d52cf979e3706c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spectron-celeste-release-it-sqlite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1df8c6940e6e3d9ced5f326a094eb0c4ed187281f9a643fd72117c93e7dbf29e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xo-hermes-csv-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ac54c4f56f565c7cc1577845904c3da765754c0aef53b6fda637b70bad32dd2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in proxima-helmet-schema-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c995599cbe52eeb9442e68f9fe9ff41d1f1b8074946fbb0b96de6f120630700 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in polyfill-regenerator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7d3f5ade208f63787145ecad7643a32b6bf4525494a136967abcd7d0ba2e720 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in hash-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 797126e9eb0f67390ff12806c31b6cca28e65c31d1eb9b186dbb591b0db9c941 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in kirux189894 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f147ce226cffa7d6f6b34db801242958dc198c8d18c01cef735b65439dae8678 Package simulates malicious activity during installation and has no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest package...

Malicious code in simple-icon-maker (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d8809c0049ae5c8b8cd198cb99abd3b33d600799607d44fc77777f9b0a711eb8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in google-profanity-words (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in tailwind-desktop-icon (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 499aa4b2704334334941cc6f69986a5c31488867b97fa544ce2927ce5d5a7bfc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @art-ws/prettier (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0ad654106f2b917f883774d7484c2a6e0b8321808a7693b56ce60c52eaf85e3 Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in kekovayalibka (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 62e5215c3a679298336a19cefc6971dc3ab4d26a68a1ee1b7fdafe97b7d2c8d0 Package is prepared to exfiltrate sensitive files. Different packages use different places for the malicious code: it runs during importing the module, is plac...

Malicious code in python-programming-net-zh (npm)

The package python-programming-net-zh was found to contain malicious code...

Malicious code in monolith-twirp-merge-queue-go-mergequeuemonolith (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 58e829a595050f4922bb0937c2d6c0d2759059af987ceb38f0c33712345eadc2 The OpenSSF Package Analysis project identified 'monolith-twirp-merge-queue-go-mergequeuemonolith' @ 1.0.2 rubygems as malicious. It is consider...