tailwind-mainanimation@0.0.1-security vulnerabilities
security holding package
latest version
0.0.1-security
first published
2 days ago
latest version published
2 days ago
Direct Vulnerabilities
Known vulnerabilities in the tailwind-mainanimation package. This does not include vulnerabilities belonging to this package’s dependencies.
Fix vulnerabilities automatically
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
tailwind-mainanimation is a malicious package.
Upon installation, it silently injects obfuscated JavaScript into the end of legitimate project configuration files (like To evade detection, the malware rewrites git history, forging timestamps so the malicious commit appears untouched. The injected script acts as a blockchain-based dead drop resolver, querying TRON or Aptos networks to retrieve and decrypt the final Beavertail malware payload. This payload steals credentials and cryptocurrency, and installs a Remote Access Trojan (RAT) via detached child processes for long-term persistence. How to fix Malicious Package? Avoid using all malicious instances of the | * |