EUVD-2025-178847

Malicious code in fornax-phoebe-jabbah-xo npm...

Malicious code in phenomic-metalsmith-neptune-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40a3e947e7e13e33325e88989cd6115c193af7ef059f6904daade611693e4fa9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187273 Malicious code in halley-xanthus-aquarius-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f65980ae484a66d6f3d0542f8cf21482dd3a48599965d67854c37e71e37fb9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-122065

Malicious code in semantic-ui-tool-fornax-package npm...

Malicious code in hyperion-odin-element-ui-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f451588e73aee3cd758c7d1ac11ac037df831790d6ab5fa69e9911cb4111b0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...