308 matches found
MAL-2025-187350 Malicious code in hexo-boson-charon-framework (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a56cd66ea725cf1761fe3250a133dfda961733f0870f716905609eae11f5f91d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in antares-jsonp-charon-europa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a4d80577e0db7da7c6c0f0734eee7b372d1ea0a1894b44188cf2593f584973c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177964
Malicious code in mantle-asteroid-charon-quasar npm...
EUVD-2025-180050
Malicious code in biosignature-quasar-galaxy-charon npm...
Malicious code in transform-carpo-charon-hapi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9df721a1d001a47a01827b2556b96ff9d55853def17552c84f1c6e05a3172c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-179066
Malicious code in eris-jekyll-cryovolcano-charon npm...
EUVD-2025-179740
Malicious code in child-process-charon-mui-on npm...
EUVD-2025-122381
Malicious code in run-script-charon-rigel-koa npm...
EUVD-2025-122083
Malicious code in semantic-ui-charon-sirius-yakutsk npm...
EUVD-2025-113404
Malicious code in frontend-meissa-scripts-charon npm...
EUVD-2025-112061
Malicious code in jupiter-charon-concurrently-hermes npm...
EUVD-2025-120790
Malicious code in version-loopback-ursa-charon npm...
Malicious code in charon-mdx-mdx-rehype (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b3feffdbab66463b83704d077bda0e4f7018d3e997c56702ac197352b5b38ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nightwatch-css-loader-charon-gemini (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e44f89d3df24791b88771155d9b2f6a6e5560407e4703e03a79c06a90ca59d19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-113622
Malicious code in firebase-charon-node-config-delphinus npm...
EUVD-2025-123593
Malicious code in polaris-charon-delphinus-dorado npm...
EUVD-2025-122867
Malicious code in react-bootstrap-draco-nuxtjs-charon npm...
EUVD-2025-116595
Malicious code in apollo-elara-dotenv-parse-variables-charon npm...
EUVD-2025-115388
Malicious code in charon-configstore-polaris-dependencies npm...
Malicious code in hapi-charon-prettier-plugin-markdown-aquarius (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7e7e91d4a997d8e612394d189efa0a0befcc5026cc5b99a3fe32f91a842b1a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...