EUVD-2025-123902

Malicious code in pegasus-callback-build-sequelize npm...

EUVD-2025-116461

Malicious code in atlas-callback-xenos-janus npm...

EUVD-2025-121673

Malicious code in standard-cressida-callback-hexo npm...

EUVD-2025-112553

Malicious code in indus-callback-achernar-dorado npm...

MAL-2025-145070 Malicious code in mocha-chariklo-callback-pulsar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3aefe7e0ced759fcb278ff76c3e7e7bfaa86bfa349f129514e73a76812713f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147443 Malicious code in rimraf-arcturus-callback-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 890f7f9988476115c2e1293536fac082ba9be0e4d850efd3daaa4afa7d8bae28 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141061 Malicious code in configstore-publish-callback-atlas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bbc0693eafa04b8a94047bef25c9cc975ce1f01682076e624ca0e6650756e06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111934

Malicious code in kinetic-nestjs-callback-jovian npm...

EUVD-2025-124628

Malicious code in native-magellan-despina-callback npm...

Malicious code in cors-chakra-ui-norma-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a6583e3fb97f1c660d5acd6273f78cff0fa61a0737fe5b0b5233e8b582d2659 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115787

Malicious code in callback-transform-zenith-node-config npm...

EUVD-2025-115786

Malicious code in callback-vega-ganymede-yildun npm...

EUVD-2025-115799

Malicious code in callback-process-upgrade-auth npm...

EUVD-2025-123146

Malicious code in publish-browserify-callback-await npm...

EUVD-2025-115814

Malicious code in callback-adonis-native-ophiuchus npm...

Malicious code in husky-callback-algol-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1538e4a9f30831e667538f037c38b18a94ec4a408eba6eb228a4f975a9b8613c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115794

Malicious code in callback-restart-spawn-cordelia npm...

EUVD-2025-115299

Malicious code in cli-rimraf-callback-exec npm...

EUVD-2025-122586

Malicious code in resolvers-sedna-callback-vuepress npm...

Malicious code in parcel-mui-event-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf3a8fdcd7a231752e40c7d558b2efeafc603d9ec4bee1ff23f8c5ec2d88e5df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...