EUVD-2025-178773

Malicious code in ganymede-public-canopus-hydra npm...

EUVD-2025-176344

Malicious code in slides-public-alphard-canopus npm...

EUVD-2025-180021

Malicious code in blueshift-canopus-leda-higgs npm...

EUVD-2025-176261

Malicious code in spectron-webdriver-async-primatology-canopus npm...

Malicious code in duplex-airbnb-canopus-gammarayburst (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 117508a86020268cd81fdae9e80b61bddc41f161e6fbf280a81788e22e70634f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176300

Malicious code in socketio-canopus-palynology-jupiter npm...

EUVD-2025-176004

Malicious code in terser-webpack-plugin-canopus-troposphere-ichnology npm...

EUVD-2025-175681

Malicious code in vuepress-update-canopus-zooarchaeology npm...

EUVD-2025-177158

Malicious code in pipe-cz-conventional-changelog-meissa-canopus npm...

EUVD-2025-177006

Malicious code in prompts-commitlint-canopus-karma npm...

EUVD-2025-176995

Malicious code in prosthetics-local-canopus-uranology npm...

EUVD-2025-178538

Malicious code in hermes-dactyl-canopus-flare npm...

EUVD-2025-179526

Malicious code in cosmology-schema-morgan-canopus npm...

EUVD-2025-179238

Malicious code in duplex-airbnb-canopus-gammarayburst npm...

MAL-2025-187702 Malicious code in koa-vega-zenith-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64a04af2364592a4dbe9304c1583200538072652b566a0c4367ccac8e31b977f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179887

Malicious code in canopus-odin-scorpius-css-minimizer-webpack-plugin npm...

Malicious code in csv-helmet-dione-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c13660b1e5cd8242126ed9b1d8d9e9fd3a9430c6c23281cb67541a8d90eb0873 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178684

Malicious code in got-cosmicweb-canopus-halley npm...

EUVD-2025-176524

Malicious code in sass-loader-canopus-mesosphere-concurrently npm...

EUVD-2025-180465

Malicious code in aldebaran-stratigraphy-canopus-module npm...