Malicious code in @0xlr/stripe-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eda7bf8681a6253ffc4bc965888e45c5374e4ba8d4fe2e17efcd0f227d7ce5e On npm install, postinstall.js enumerates every entry in process.env sorted, bundles it with hostname, username, homedir, cwd, argv, and platform/arc...

MAL-2025-190598 Malicious code in @ra-ide/udt-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43e7622a4fb5f78043c8f52ad78fb036d26fa8ae041f8d2d21f82d4620894e14 The package @ra-ide/udt-frontend was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2025-179819

Malicious code in centaurus-miranda-meteor-frontend npm...

EUVD-2025-178829

Malicious code in frontend-uninstall-foundation-prettier npm...

EUVD-2025-179228

Malicious code in dynamo-mini-css-extract-plugin-cosmicsilence-frontend npm...

EUVD-2025-180245

Malicious code in augmentedreality-frontend-cz-conventional-changelog-neptunology npm...

MAL-2025-187935 Malicious code in markdown-prettier-frontend-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 659e8b9f5234bf3784b1ddbfde8f82519b786322f78a3a6131c158daba967810 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177546

Malicious code in nodemon-slides-frontend-tethys npm...

EUVD-2025-176316

Malicious code in soap-wasat-frontend-astroinformatics npm...

EUVD-2025-111941

Malicious code in kinetic-frontend-csrf-unuk npm...

EUVD-2025-115358

Malicious code in child-process-init-winston-frontend npm...

EUVD-2025-113414

Malicious code in frontend-betelgeuse-restart-orbit npm...

EUVD-2025-113405

Malicious code in frontend-magellan-metalsmith-chai npm...

MAL-2025-146125 Malicious code in perseus-yakutsk-frontend-gridsome (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a641fbc17006d8fdb7b548a76d3ebf7bfb0f5cc7aafc94582bd05a5f53074e8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120633

Malicious code in wasat-npm-frontend-stop npm...

EUVD-2025-113397

Malicious code in frontend-pulsar-nuxtjs-request npm...

MAL-2025-142719 Malicious code in frontend-wasat-nodejs-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44a9b3e0e6c35f9c2f5cb48630a98942aa550303d2bb87c44fb9193fd5581b34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-121696

Malicious code in sqlite-iota-passport-frontend npm...

EUVD-2025-113403

Malicious code in frontend-mira-indus-acamar npm...

MAL-2025-142716 Malicious code in frontend-quark-antares-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2705edc75fdc673a8224482fad5b553e46f7fcd696e1c16c4557c29c33efa292 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...