225940 matches found
Malicious code in xsltproc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9038d06e907a027d385f7ef9111815ca61e7b26fce85196a549c20e02447adc4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in loger-parser (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bae5da3bd8d27a466a9c283448407d51b93d85d73a97a5db78f46b3635cd3a4 The package loger-parser was found to contain malicious code. Source: ghsa-malware c75c0239d03c0dc3d95b5965598d3d59e96ce5a1826fc60aaba3dd34da283a2b A...
Malicious code in tailwindcss-setflex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d80169fb6c203bac400f4a79925a5a54eef1ef740164552a568e6e6604f9427 The package tailwindcss-setflex was found to contain malicious code. Source: ghsa-malware...
Malicious code in chai-test-async (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f220c85ce9af5bc025f22e269aaaf3af1c5853df736bcbb97331229c06b1c32 The package chai-test-async was found to contain malicious code. Source: ghsa-malware 5b8f7387cfa3c737fbb688f651f56f2174c2e831df5ded826ec25d8b7dab1bc...
Malicious code in chain-test-async (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3e0c036eeb1631fbe88e6fc1c18dc89f31a900e1d528bd2027a2aef1eb35a60 The package chain-test-async was found to contain malicious code. Source: ghsa-malware c1d03d8b6de88ac68ebdd7ea00a039ed4f3d071cda41ca8e038c5cad8eb212...
Malicious code in validator-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83e37a6017e345fd411d1589cfff26c773d65d94f231505eae6ca3a90b448c4a The package validator-node was found to contain malicious code. Source: ghsa-malware d3f7ef04f70e6978a9f771255f136d634d2907c42c7acf71a42c4c93e7e5d333...
Malicious code in com.unity.polyspatial (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76efa94c9f9541ca5cd9a534a103bd5ffebc05bb770e05ffdaf62e4af38942bc The package com.unity.polyspatial was found to contain malicious code. Source: ghsa-malware...
Malicious code in pylibcugraph (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b298ab8786b687f39d3ce25f6a69effd415c27b384fa23bc45c5fdf640448105 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in quicksort-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d58062fd8cad559810255c4386b2acbeda83096e2999ea1172b10d0d7af008cb Importing the module downloads and executes an executable with malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in bitsight (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee657cb65d10490f2b29546c27133e3049eab717c2b57bda3029643665e32899 The package bitsight was found to contain malicious code...
Malicious code in worldskills (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d245ace818f9e6d4526355bd80129354c139dd0b991e6df6ee6211df41110352 The package worldskills was found to contain malicious code...
Malicious code in form-classifier (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aee6a6945bad04a1ec3fbe89e2cbe5013625ba025601a3df6678a125761d3b55 The package form-classifier was found to contain malicious code...
Malicious code in @walletify/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf24003a1ce3e60950dc6d7029b916a3794e42fd751e4370d5241a1cef53ba81 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @walletify/backend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f030c1111fb06c5daf5d9b522a95b60e2059a449d880165d538d494c7ea99993 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @walletify/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47d10b25587929b2987efd39df23877c3753147c431eb456cef63e175e70588c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vite-chunk-master (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fa857f9f07f371efc55f392a0fcf81beea9480a42476b38fe80cf496b37ba8d The package vite-chunk-master was found to contain malicious code. Source: ghsa-malware...
Malicious code in markdownlint-subscription-changelog-socketio (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c56be628301573592cc719e5e4c23f4290e8e35e1e080e461e66a3ab71b489a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tardigrade-mini-css-extract-plugin-nightwatch-blueshift (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eccd2dbe37050ec44770db072262af063d90c8cbb1f901cc4ab7337d91745c94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in augmentedreality-fetch-gravity-hawkingradiation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d088457581e114c96306e6650f3f92d9e217ab0cfd12d8df0a74cae837196d98 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in webdriver-manager-deneb-nconf-outercore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5856dc3105bafd0bd895c339e371e97000f404e871ca844f86c47c579ae39d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in helmet-pegasus-non-blocking-phoebe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14468cf08644b774f382415ed7ea9da2eca47006b532d6e5389e4ad5a9f45130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in neptune-grus-fusion-sass-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39f6784c9cffab433ca3aba62b9f5c8ca5f88d292e84c7ef4b23324259fe740a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in taurus-css-minimizer-webpack-plugin-ophiuchus-webdriverio (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f8ad6a47a997ae581afbb207779a8920a2efac4fcd400cab0db5924bf8227ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in transform-robotics-filament-orbit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65dfde16dd768ac14d658dcc5d9aefd9d6e5e79e6df9a61fe8202c0c895d6480 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in astroinformatics-ethology-venus-slidev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 226e9d3d2ba28c131f256e2a26ec85fb9afec9418f57e00d7ec0b300e0e98206 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in string-compile-module-benchmark-report (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a32edf99d2adb837e219033e596267b024daa93bbe2f9e9e2030e20bfffdffd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in spinner-proxima-cybernetics-cosmochemistry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7452dbccf4e36bdc41bf89259059d35e9ad079945737d08d43590057286583d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in taurus-mutation-izar-node-sass (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c256602c1f7c8b93be5ed695597c57a40839d4299f5b8b8cbe4a4f17d74ed56c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in small-route-assert-compile-interface (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 754381085149656b673543a0b5728e914427033cbf7ccd6f9b1fe0fd34b5a474 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in socket-minify-export-catch-file (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e30d97ee2bf204b3fc45d68f49bafdd6a020615e4ad51cbc83f463f193b80ea9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in telesto-neptune-tethys-shelljs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b60aa630590205ca8b7b9fd1a3f55a9cd33aaba2af30218049c11201e9a43c96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in thermosphere-node-sass-farout-seismology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector afedec7a9c064479a8e2564724676591ba3d6387ea85cae80291cab11358ca4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tree-function-kappa-decrypt-assert (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cacb380e1ce93ad7d45f252a5f9858b2a29a47775e53ec4c03d4779cadce49d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in terser-webpack-plugin-andromeda-zenobia-pavo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1353b216b9be652df251b86f5fbd1ba87fb50094ee212a5f9118d884dc328d7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in table-old-sun-await-decode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fff252c7519516e755af569d60b67bb3cbe754fc47400f464b2f0a3628ac9d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tectonophysics-transform-crust-sagitta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 362c7a3c2a387c1b0b23c2ad16e0ff6e12215ac224b7fe3f752d831110cf1fcd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in taurus-winston-panspermia-neuromorphic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e83d2cd6b9bc072d292c08b72596bfeb053e4d083b485191205648263cf806a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in socketio-polaris-restart-adonis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e80f723fb0c38fbfaf0efdc1c70d08acd508343dbd594e403fca9751fb9b1719 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sadr-nodemon-cosmology-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fde5e4eff09a33f1389f7b207284fef123917e01d69344dae811a66121796ebe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in semantic-release-boson-lepton-kastra (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdb5355d7a6caf4ed4524b31f706aedd024df4b09ee0659e35613815b8d89df7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in saturnology-fomalhaut-geckodriver-resolvers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2caba52a6e0c88328d81e8c122e414d91225f1c1fc9d17f8a5aed4ff943da7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in soap-comet-adonis-karma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ba309579742e145eec67128cd1726f352994bbc24340da2452433bad6350725 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in slidev-parallax-epimetheus-redis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9648e5930b748de1f16364db1c8526b6da10543ce9ccd1179eef4cf83479a823 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in table-private-module-zero-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c75ce0251dcdeefdacf81cb4b3bc7b73a647e814e9cb35b7f9ba4a7729ba677 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tau-mu-good-beta-kappa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ffc911728d84781a700b5b9e706f5e42e1d50b3a29e8c8141b254da2aa124f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in spawn-webpack-nightwatch-slides (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 318806806d481ef740dd17c622bc164b94a295e29a9282fc7c00d3951dfeaee0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in solis-semantic-release-pm2-css-minimizer-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25f3fbcd8cfd3f79b4077a30db2336a9949bd3aed84da84464d9498779874eb6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sudo-reject-mu-proxy-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71bd21ebc82601b1500c1ec0b38beaf261822f483579359312b433a31d3a139a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in selenium-cluster-framework-eleventy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 945e3261b632eb6a730ff1c7db5709620010f8bf20bb163023ccd934c64a084f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in scorpius-gemini-ionosphere-odin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58caf529580aeb51398d73880496f218ffb439bc6ff6cdea588b6fa00681ac25 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...