MAL-2025-141657 Malicious code in docusaurus-cosmiconfig-fomalhaut-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48320ffdb95d1b543c27168dccd5a5eb028beb17f1215e1de83ec2140b407d20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144547 Malicious code in loopback-firebase-postgres-luna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2789696425e4ec276c93faea29470a11265e41a4117bcdbc14f88a208240a63e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-112655

Malicious code in hydra-socketio-fornax-firebase npm...

Malicious code in firebase-middleware-websockets-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 965718b2e69e8cd0837618529f0dff3b16fdbfef7b4cc2473c9574fa1aed806c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmiconfig-firebase-warp-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4eee21f35eb9805d7f31c7f493c82f906f9774634ec1b223e8d3c7fafec2331c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124383

Malicious code in node-sass-firebase-enceladus-loopback npm...

EUVD-2025-124602

Malicious code in nconf-firebase-async-mongodb npm...

EUVD-2025-112805

Malicious code in hermes-child-process-event-firebase npm...

EUVD-2025-120983

Malicious code in umbriel-orbit-firebase-vuepress npm...

EUVD-2025-113303

Malicious code in ganymede-lyra-arcturus-firebase npm...

EUVD-2025-113617

Malicious code in firebase-dotenv-jekyll-jovian npm...

EUVD-2025-112304

Malicious code in janus-firebase-mdx-supervisor npm...

EUVD-2025-121790

Malicious code in spectron-webdriver-meissa-yakutsk-firebase npm...

EUVD-2025-114969

Malicious code in cors-spinner-firebase-radiant npm...

EUVD-2025-113619

Malicious code in firebase-cressida-commitlint-subscription npm...

Malicious code in firebase-relay-winston-webdriverio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a8df2c7171ca9261aad999cabc9cab7d7e3eb476ecbee2445af9054a0299af5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113610

Malicious code in firebase-leda-octans-postgres npm...

Malicious code in halley-grunt-firebase-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec5e454e8b008901ff203e87ca9d360f5d4997b95763ed04d15c985c2691ac69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-122795

Malicious code in registry-firebase-less-loader-subscription npm...

EUVD-2025-123140

Malicious code in publish-epimetheus-redis-firebase npm...