Malicious code in rollup-plugin-yonder-draco-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 882dd9b292283f0e6f159f85b76503f46a224aac7d185a399da12e6e783d5865 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120651

Malicious code in wasat-acamar-fork-repository npm...

Malicious code in fork-less-loader-stream-spinner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65f983e20b23c6c3ea63bfec0d0eb328ca07ecf008967e2c5e765651916732d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124648

Malicious code in nashira-config-fork-cli npm...

Malicious code in release-it-sass-loader-parcel-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c5b769cb83d4424c30fd9e0d87d8ae149c3c2188ae87c28d2c06b4ec5c28b15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-122514

Malicious code in reveal-md-fomalhaut-prettier-plugin-markdown-fork npm...

Malicious code in fork-foundation-enceladus-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47f8401d11f4b6874b1999bdf3f2ec8220a510a0e127d7d11a1535ebc1f3395e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in airbnb-fork-mutation-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 793b36b14fb2abf3bdaac4f697b01eff9656ab057f26f8af0397d78ec7130074 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113520

Malicious code in fork-less-loader-stream-spinner npm...

EUVD-2025-113524

Malicious code in fork-foundation-enceladus-avior npm...

EUVD-2025-120107

Malicious code in yildun-vuetify-fork-global npm...

EUVD-2025-111480

Malicious code in magellan-fork-colors-fomalhaut npm...

MAL-2025-142092 Malicious code in epimetheus-cors-rate-limiter-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14a36585cb0e9470e30f7a4cd1bc052fa0639c93ff28925fce131a00d3a5f4d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147587 Malicious code in sagitta-child-process-zenith-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c8ac52cf3de98dfb5eb57f3316ceac412304ef84753e297e90dc52e087dc974 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149209 Malicious code in vuetify-fork-xml-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 683777ffb6a0d2d4ffc0e742ec2bbcc49d9709fcb03df1612896d9e53e07165c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148679 Malicious code in titan-fork-centaurus-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f1852f1c60fd756f9680f7687b62b5f8b5fe73c9b92121a04e655bab2524630 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-122513

Malicious code in reveal-md-fork-rehype-yakutsk npm...

EUVD-2025-114305

Malicious code in duplex-browserify-magellan-fork npm...

Malicious code in fork-vega-kaus-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75e7e3ab2e551d64f307ad5edc6b7efbe70b2b77c5666c59cbdd9ac9e67d50b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123217

Malicious code in proxima-antares-fork-pino-pretty npm...