EUVD-2025-112287

Malicious code in janus-phoebe-frontend-configstore npm...

EUVD-2025-113614

Malicious code in firebase-equinox-subscription-configstore npm...

EUVD-2025-115057

Malicious code in configstore-fusion-mensa-winston npm...

EUVD-2025-115048

Malicious code in configstore-publish-callback-atlas npm...

EUVD-2025-123501

Malicious code in postcss-protractor-karma-configstore npm...

EUVD-2025-121744

Malicious code in spica-terser-configstore-taurus npm...

EUVD-2025-121736

Malicious code in spinner-configstore-lynx-rate-limiter npm...

EUVD-2025-121702

Malicious code in sqlite-configstore-remark-vuetify npm...

EUVD-2025-121494

Malicious code in sync-telesto-configstore-javascript npm...

EUVD-2025-123843

Malicious code in perseus-configstore-regulus-chai npm...

EUVD-2025-123558

Malicious code in polaris-repository-ignite-configstore npm...

EUVD-2025-123100

Malicious code in publish-webpack-configstore-dependencies npm...

EUVD-2025-124699

Malicious code in mutation-configstore-fetch-polaris npm...

EUVD-2025-124109

Malicious code in ophiuchus-configstore-iota-dorado npm...

EUVD-2025-124017

Malicious code in orbit-configstore-bellatrix-pavo npm...

Malicious code in winston-ophiuchus-configstore-loopback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efca18a04a8da345e7fd1ab9586fdfb34f3f346cf16ea39fb312943602e6a7ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-112884

Malicious code in helios-configstore-orbit-meteor npm...

EUVD-2025-113547

Malicious code in forever-configstore-markdownlint-webdriver-mocha npm...

EUVD-2025-115391

Malicious code in chariklo-zenith-proxima-configstore npm...

EUVD-2025-115044

Malicious code in configstore-sync-magellan-jabbah npm...