Malicious code in fetch-corvus-auth-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de090b94808980372619b8096599353dd43a9676150155c1d8046afdbf5a8d31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120640

Malicious code in wasat-fetch-event-airbnb npm...

EUVD-2025-113652

Malicious code in fetch-supervisor-phoenix-octans npm...

EUVD-2025-124136

Malicious code in octans-venus-fetch-capella npm...

EUVD-2025-113669

Malicious code in fetch-europa-schema-leda npm...

EUVD-2025-113659

Malicious code in fetch-polaris-loopback-registry npm...

EUVD-2025-113674

Malicious code in fetch-chalk-mysql-ganymede npm...

EUVD-2025-113675

Malicious code in fetch-celeste-link-quantum npm...

EUVD-2025-115623

Malicious code in castor-fetch-webdriver-manager-mini-css-extract-plugin npm...

Malicious code in fetch-celeste-link-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecd7a1846ff262e5c7b508f4b84abf81c837205c5ccd7d9dc7f3b32ee0d35ea0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113651

Malicious code in fetch-virgo-nashira-adonis npm...

EUVD-2025-113545

Malicious code in forever-fetch-flare-farout npm...

MAL-2025-142445 Malicious code in fetch-hexo-commitlint-config-angular-metalsmith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1275904ccd7fcedcc0f0e16254ee142d90c79cc0ba947d02fe8bfe251f8ffa55 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144876 Malicious code in metalsmith-elektra-fetch-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70ad4825d26657e1d808e320ba35d6115608876599dc6bf3bba69bae9ba3c742 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144132 Malicious code in kastra-scorpius-mocha-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f7d64236b575351a9446cd6e18afbbbce19a2a32b2eb67ae0e1e1799e035f3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113734

Malicious code in express-fetch-build-auth0 npm...

EUVD-2025-120256

Malicious code in xenos-fetch-gulp-eslint-config npm...

EUVD-2025-113679

Malicious code in fetch-await-epimetheus-pegasus npm...

EUVD-2025-113662

Malicious code in fetch-jasmine-frontend-equinox npm...

EUVD-2025-113676

Malicious code in fetch-bootes-concurrently-phoebe npm...