Malicious Package

Overview chakra-ui-2--styled-system is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview chakra-ui-2--react-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

EUVD-2026-3083

Malicious code in chakra-ui-2--react npm...

Malicious code in chakra-ui-ophiuchus-sublimation-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44f618e732db8d3ff69334d6194da83ee2d0ecd8d2a83ac60310bfeae1aa6068 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186086 Malicious code in chakra-ui-ethology-biomimicry-superflare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ec1a6bd4839590111dd4aee2301174b7baaaf80bc633899c529eda7de74071c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-116117

Malicious code in betelgeuse-jovian-galaxy-chakra-ui npm...

MAL-2025-140628 Malicious code in chakra-ui-semantic-ui-query-virgo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 772e26511ca75d4e3293ea2926cbb7404b0e62d26f1a7aee402169932f39d916 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140610 Malicious code in chakra-ui-command-passport-kastra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78aa8bda85f98b1e6f2ce18f280186996e1d6e9bf6b3e726f5bb83c5fa67937d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140622 Malicious code in chakra-ui-nodemon-gridsome-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 126ff566ea2abc806da64457f68e93782465c69d4c39c8050633cf66e6ff174f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140609 Malicious code in chakra-ui-comet-style-loader-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72f65fcdb29603b945d42935419406e4a2f23453bfa8433eb0a8fe85837cc7d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...