EUVD-2025-120800

Malicious code in version-achernar-nightwatch-cli npm...

EUVD-2025-120646

Malicious code in wasat-cli-barnard-style-loader npm...

EUVD-2025-122129

Malicious code in sedna-socketio-cli-scorpius npm...

EUVD-2025-116359

Malicious code in auth0-cygnus-farout-cli npm...

EUVD-2025-114570

Malicious code in deneb-cli-process-protractor npm...

EUVD-2025-122724

Malicious code in relay-cli-altair-forever npm...

MAL-2025-145431 Malicious code in nightmare-cli-ursa-phenomic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c815f45736f8f59bd1582476c431a200edfecc2b39875a5ab386550f4e203eb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141539 Malicious code in deneb-cli-process-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 456e0252c4e2a30003d54a2df3e186700c4398ac5252d762bff1e11127186e02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115320

Malicious code in cli-celeste-cors-fornax npm...

EUVD-2025-111488

Malicious code in magellan-cli-despina-xerxes npm...

EUVD-2025-112614

Malicious code in hyperion-scorpius-xerxes-cli npm...

EUVD-2025-112471

Malicious code in inquirer-cli-hermes-commitizen npm...

EUVD-2025-112470

Malicious code in inquirer-cli-spinner-antd npm...

EUVD-2025-112437

Malicious code in install-europa-aquarius-cli npm...

EUVD-2025-112190

Malicious code in jest-flare-less-cli npm...

Malicious code in celeste-cli-uglify-js-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fed63cfb1fb82bc628b16d127c52caa67e626fb4c898671692e4b6fb1d5e614 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cli-celeste-cors-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d7492e3952d9434eafd92a7f6c3705c199c7ed56c4ee9f13f1a3fbdeccbf70c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cli-lynx-nova-element-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8e0af512198e413bd0da9e0fbed417f8a39382fb085a429d28eaec3405abc38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cli-sedna-xo-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea95c52ea49932e465b636027c985528b53c29b37dbe031de9640b0ba8b01cb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in colors-corvus-postgres-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2eb7eafb397099447d7894757e36ecfbe2dfe1fc171de2c28d818bd4b75bfaa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...