MAL-2025-186328 Malicious code in cosmiconfig-deimos-kaus-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b417397ddce4e37930565b0788e7a53a679b19a15884a94a966067146ae2b85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in electron-builder-kaus-non-blocking-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc97f9ddff3d836878325e761ded0213655d4240acbfa676ac68ebd722f29c61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177357

Malicious code in paleomagnetism-izar-gacrux-kaus npm...

EUVD-2025-175677

Malicious code in vuetify-ophiuchus-request-kaus npm...

Malicious code in nova-phoebe-kaus-gatsby (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 681f4e48c75028980c66fada2072c099a609df92353c8804aaa3ee73fa6ee98c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kaus-atlas-aurora-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a18819dc2e7d57c5c0e06d57e37b2c5520650bfbd6ef84b3a55ba46cbc0c2ca7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mdx-kaus-browserify-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c35c481bdc9c3cd04791a4bd2aea3c97faf1ab41752bdeaa06954b53da493801 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in parsec-kaus-optimize-css-assets-webpack-plugin-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97de95755cec1310fe309f1de9501ac87d304da7024b581ecddb59c229de0c22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quasar-promise-kaus-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 041ad73f1af79afd5f9b6ca0c4c7ba14072a32c0a2b16fd9c8af00d6bf033c50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175797

Malicious code in update-meteor-jupiter-kaus npm...

EUVD-2025-177772

Malicious code in mongoose-convict-kaus-thermochronology npm...

EUVD-2025-177566

Malicious code in node-sass-eslint-kaus-relay npm...

EUVD-2025-177528

Malicious code in nova-phoebe-kaus-gatsby npm...

EUVD-2025-177292

Malicious code in pavo-paleoecology-pavo-kaus npm...

EUVD-2025-177153

Malicious code in pipe-orogeny-await-kaus npm...

EUVD-2025-176842

Malicious code in quasar-promise-kaus-quito npm...

EUVD-2025-176498

Malicious code in scorpius-chalk-eleventy-kaus npm...

EUVD-2025-176347

Malicious code in slides-convict-husky-kaus npm...

EUVD-2025-177928

Malicious code in mdx-kaus-browserify-deimos npm...

EUVD-2025-178787

Malicious code in gammarayburst-neptunology-helios-kaus npm...