MAL-2025-186927 Malicious code in express-cors-dysonswarm-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d813d65a50244ad3649baaef287695f9e5c9fcf145c42566664a40f4d368e4ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189083 Malicious code in rate-limiter-express-iota-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 220e622d69063b2b40c1d75c8eae318670c90278bb98cfed61a265a93595e3db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178168

Malicious code in kuiperbelt-yakutsk-bioinformatics-express npm...

EUVD-2025-178956

Malicious code in express-buffer-quasar-reveal-md npm...

MAL-2025-186930 Malicious code in express-superflare-antares-loopback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e7a6ba17312913867557019313b03b4665a5d4e5fa65ec12316140c967ff809 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187972 Malicious code in meissa-optimize-css-assets-webpack-plugin-express-lint-staged (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3eedff5af78c38d953cd8a24a97713690a208d01ffa5df7018314e5f3ba5667 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177361

Malicious code in paleoecology-tardigrade-express-rocket npm...

Malicious code in radiant-express-sync-tachyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc11ed6a8c3867ed71199224db53e25c2338a7f38da642038050bbef32d06101 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186928 Malicious code in express-proxima-websockets-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ee0a304fa501650f89077e1daec98bbd0bb5ef6a4cceac9cecb13c6ac45490f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189055 Malicious code in radiant-express-sync-tachyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc11ed6a8c3867ed71199224db53e25c2338a7f38da642038050bbef32d06101 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178951

Malicious code in express-terraforming-nucleosynthesis-nova npm...

EUVD-2025-113078

Malicious code in gridsome-barnard-express-vuetify npm...

Malicious code in vulcan-express-phenomic-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90d9c5814154ab32cb6266dfcc631d0eecf3797aee3527044383bd1999e4c9c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113719

Malicious code in express-superagent-javascript-hapi npm...

EUVD-2025-114299

Malicious code in duplex-gridsome-antares-express npm...

EUVD-2025-120623

Malicious code in webdriver-manager-acamar-publish-express npm...

EUVD-2025-122581

Malicious code in rest-centauri-remark-express npm...

EUVD-2025-113741

Malicious code in express-cache-delphinus-iota npm...

Malicious code in express-cassini-warp-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddd22234b7a86537f1ae17969398bec86c8f6bda4b4fed0732595138012dbb89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-122056

Malicious code in sequelize-express-draco-xanthus npm...