Malicious code in rate-limiter-bunyan-centaurus-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7041aeb6d4b6daae8b199986a9b05f5f12ff05ec198d264fea5a5274b2a9b38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124633

Malicious code in native-backend-dotenv-safe-mongodb npm...

EUVD-2025-115888

Malicious code in bulma-jest-native-loop npm...

MAL-2025-143039 Malicious code in gridsome-eslint-config-native-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48d6b5886a28c6841a9f6c2d09635f65b9369f4b371b1122af40f7ec37d1940d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143955 Malicious code in jovian-native-google-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d18c92729ce788c0306a566215970143f0eef297f78f5ca7f805ea1ab316e072 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145290 Malicious code in native-magellan-despina-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ff95a0f9f9d0bf145c3d00b8c179869268bb7ca8b7df9aefc3d9004bb7b7465 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147454 Malicious code in rimraf-native-wezen-karma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f783af03f5cd53bdf2d57a926a7e3f1eac33d66fc2c6865ab531181c7f231f1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147068 Malicious code in react-bootstrap-native-rehype-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c731557ff748c3b450e7f9a142a04f4182d48cb705f4ec926d465475eb2b7a06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-114408

Malicious code in dotenv-avior-native-blitz npm...

EUVD-2025-116746

Malicious code in altair-native-webpack-perseus npm...

MAL-2025-148648 Malicious code in thuban-development-transform-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9970fc2cf7485e3a83f92015f3ef345dc16d84cdf3b6f96adcc69731705a2da6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139919 Malicious code in barnard-vuetify-lyra-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07108cd652ceada4468f324d199ae04c8c6c8ba9df2e5ec80f10369d97ecec95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142095 Malicious code in epimetheus-ganymede-native-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36f9e981e62d594dce3c76d2f3f1e4089d7417c37b7e7968a8afa7284894b681 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148291 Malicious code in stop-colors-native-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab01a52a3f41b139889ce3357bc601b3f2ca49d5a2913f21185e024b9c3e0aba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149691 Malicious code in xenos-thuban-resolvers-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50c87583f813bf3b289010d2d1fe63c705d1c7b1a54fd57decd0f17f40b0c5d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147936 Malicious code in sirius-aurora-warp-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5daf0e0b031d2cf938436afe95c35e412c219634f9978e99bd972480618c7d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144393 Malicious code in library-zenobia-native-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce9620d5a9059a59c24af888f0c640dcbdd31ad3e5c571b59e3b1c48a9264c8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-116183

Malicious code in barnard-vuetify-lyra-native npm...

EUVD-2025-103530

Malicious code in nativecrowz3n npm...

EUVD-2025-89901

Malicious code in nativehornetz3n npm...