Malicious code in fornax-local-gemini-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2f8f9b559ad10d6f12bca30ea4b8ecde5143e517b27f5b4d695552fd03ad93c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175613

Malicious code in webdriver-manager-neptunology-oscillation-fornax npm...

EUVD-2025-175569

Malicious code in weywot-webdriver-mocha-loglevel-fornax npm...

EUVD-2025-177442

Malicious code in ophiuchus-eleventy-fornax-proxima npm...

EUVD-2025-176761

Malicious code in redshift-nebula-cz-conventional-changelog-fornax npm...

EUVD-2025-176485

Malicious code in scripts-private-frontend-fornax npm...

EUVD-2025-178806

Malicious code in futurology-jsonp-process-fornax npm...

EUVD-2025-178476

Malicious code in hydrogeology-hydra-phoenix-fornax npm...

EUVD-2025-179274

Malicious code in dorado-jest-gatsby-fornax npm...

EUVD-2025-179751

Malicious code in charon-stream-fornax-dotenv npm...

EUVD-2025-111159

Malicious code in middleware-fornax-cache-chariklo npm...

Malicious code in fornax-mongodb-ini-sass-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d92b178d3023eba948ee956d55dcf075ba19ba31ed8962ead5726e6adc9edbee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in orbit-transport-pulsar-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d0ac9a87883bd4a5728f0a6a2441250aab1ea05641e171ea404f77c2d8eb39b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in uglify-js-nestjs-fornax-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f836626a36dad3ac3a3576de198188f321dcd3c9875be1920bea36dab436d7ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113483

Malicious code in fornax-leda-algol-publish npm...

EUVD-2025-113462

Malicious code in fornax-react-bootstrap-halley-fork npm...

EUVD-2025-112913

Malicious code in hapi-winston-halley-fornax npm...

EUVD-2025-114000

Malicious code in epimetheus-superagent-flare-fornax npm...

EUVD-2025-113498

Malicious code in fornax-corvus-socketio-antd npm...

EUVD-2025-113493

Malicious code in fornax-epimetheus-uninstall-spectron-webdriver npm...