MAL-2025-143239 Malicious code in helios-quasar-karma-webdriver-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6bd1d7f7c51f15d3c5b88398a4e2058f55838b7246fa1831d0b7db9807ea141 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149238 Malicious code in vulcan-helios-carpo-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51fc2186a8b8d2cef5c43c813a9358578692c3659d29973ad9eafd99ac01cad6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in carpo-ignite-electron-helios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7b7c30af3b3626ed4d0c18eee5818fbc188b087d67563e7607290b27fe3b630 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kronos-grus-scripts-helios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f99b9a7468f04a7afd8f06f5a0badcfae4fedd17f6c6995f43b1ed54c14f497 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dorado-concurrently-process-helios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76f20f6ca0676e9eff129a6b427fe940ee7a2dfa15373c2680bc0f47c155ceb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-112878

Malicious code in helios-html-webpack-plugin-colors-achernar npm...

EUVD-2025-112873

Malicious code in helios-quasar-karma-webdriver-mocha npm...

EUVD-2025-114458

Malicious code in dione-subscription-winston-helios npm...

EUVD-2025-115663

Malicious code in carpo-ignite-electron-helios npm...

EUVD-2025-116927

Malicious code in acamar-helios-redis-chakra-ui npm...

EUVD-2025-120971

Malicious code in uninstall-helios-geckodriver-cressida npm...

EUVD-2025-112885

Malicious code in helios-concurrently-cordelia-proxima npm...

Malicious code in helios-configstore-orbit-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c3df2929912d909d21c9c5c9667a29fb56ea616c1d8cfbf3d46ad1dd457f1e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113153

Malicious code in google-helios-tethys-hercules npm...

EUVD-2025-114466

Malicious code in dione-cluster-hexo-helios npm...

EUVD-2025-112874

Malicious code in helios-procyon-acamar-andromeda npm...

EUVD-2025-120959

Malicious code in uninstall-sedna-config-helios npm...

EUVD-2025-114071

Malicious code in enceladus-ultra-promise-helios npm...

Malicious code in vulcan-helios-carpo-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51fc2186a8b8d2cef5c43c813a9358578692c3659d29973ad9eafd99ac01cad6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124242

Malicious code in npm-helios-nuxtjs-gridsome npm...