MAL-2025-140413 Malicious code in carina-loopback-zenith-socketio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a938276cf14613f10aa6d135009c7b24f7fb2e652a0db5c52685da55ce264972 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144549 Malicious code in loopback-framework-loopback-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7b27e27c7246783d05331bd95e459820ecd9975b3cb5f76e1d50febbf6d07d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120413

Malicious code in winston-ophiuchus-configstore-loopback npm...

EUVD-2025-111551

Malicious code in loopback-server-grunt-terser-webpack-plugin npm...

EUVD-2025-114872

Malicious code in cressida-loopback-chromedriver-chariklo npm...

EUVD-2025-115919

Malicious code in build-loopback-transform-publish npm...

EUVD-2025-113659

Malicious code in fetch-polaris-loopback-registry npm...

EUVD-2025-111563

Malicious code in loopback-global-levels-dorado npm...

EUVD-2025-113347

Malicious code in gacrux-galaxy-loopback-elara npm...

EUVD-2025-123166

Malicious code in public-cors-blitz-loopback npm...

EUVD-2025-124105

Malicious code in ophiuchus-got-perseus-loopback npm...

MAL-2025-147991 Malicious code in slides-non-blocking-dotenv-safe-loopback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0850f47bc6fffbed41e4a34730cecc0e53621b63abb4a3b3199ba5f61ad97ddf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in loopback-install-cosmos-juno (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27fe72bddd7ee5698a90b2681d3e1802889bb959c6cac112326eb20b2f1d6a02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in loopback-elara-procyon-loop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 223bcc66a7c9133ca829068685fe0df368e7add5b22eafb33ec966764557a1db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120092

Malicious code in yonder-polaris-loopback-vuetify npm...

EUVD-2025-121936

Malicious code in slides-loopback-remark-apollo npm...

Malicious code in regulus-loopback-gravity-postgres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e2e33d869936b58fdbe291e2439f8c32c80eef4c3f563b534efb78ad4bc3f95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111862

Malicious code in lacerta-thuban-dynamo-loopback npm...

Malicious code in loopback-puppeteer-orbit-configstore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfb39e2620d3390231bb1f11d856b5d83153e0517c509f97d497defe7de83a26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gacrux-galaxy-loopback-elara (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fe9574eada5f7856d57a924bdfe32e8ebcfe2ef5419865a35394d25b67e09fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...