MAL-2025-143315 Malicious code in hermes-development-virgo-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b9ebfa206b435c81a56d67d919dc4e28ddfda901b05abe2419b067e8de16f38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141050 Malicious code in configstore-enif-development-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18867f5616affb9421d74ecd880425debcb7b7e0fc1670211003ddec8dc395d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141748 Malicious code in dotenv-safe-development-command-non-blocking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64c16cfd842e8cb52469e8ea8f152f3e7626745060a732985a6a98d9c59f8271 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141619 Malicious code in development-dotenv-pyxis-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae211171bc2d9b5f0fe3cc61c3f814bb976c29080a1cef7a633af982f93147be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148467 Malicious code in taurus-development-sirius-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7be8b5020ffe59b7b9afc50b4ca06dc749d7ade12a8b455458bca24118978902 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113238

Malicious code in geckodriver-miranda-development-colors npm...

EUVD-2025-121461

Malicious code in taurus-development-sirius-pegasus npm...

Malicious code in release-it-optimize-css-assets-webpack-plugin-nextjs-development (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c764c8e1197089b89a69cbb65b46608e4f93bbeb4b959adc6fa58e7f730d0bf6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123586

Malicious code in polaris-development-subscription-eridanus npm...

EUVD-2025-114361

Malicious code in dotenv-safe-development-command-non-blocking npm...

EUVD-2025-114496

Malicious code in development-cache-nightwatch-slides npm...

EUVD-2025-121281

Malicious code in thuban-development-carpo-loglevel npm...

EUVD-2025-114480

Malicious code in development-remark-impulse-hermes npm...

EUVD-2025-123686

Malicious code in pino-pretty-husky-development-deimos npm...

EUVD-2025-115059

Malicious code in configstore-enif-development-altair npm...

EUVD-2025-114492

Malicious code in development-cressida-sequelize-odin npm...

EUVD-2025-115387

Malicious code in charon-csv-development-equinox npm...

EUVD-2025-114482

Malicious code in development-polaris-lint-staged-procyon npm...

Malicious code in sagitta-relay-soap-development (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3af375c1cc7e3d5daa24087f91e3a575c2cc62fd208b8c08caabf86453888112 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spinner-development-cassini-umbriel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1980e9d652b81daeb875482c3bb1b2e296302bf80c17586a0b77dd834e11825d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...