MAL-2025-149595 Malicious code in xanadu-firebase-hydra-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2968e2c1db958009855484fb18365bced939dabc426a4aebb39c634a70f67dac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120336

Malicious code in xanadu-firebase-hydra-avior npm...

Malicious code in despina-hydra-avior-blaze (npm)

The package despina-hydra-avior-blaze was found to contain malicious code...