Malicious code in vuetify-postcss-loader-mongodb-less (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1901883a12e5906a3aa40a43f8816c93e38fefb894c40b8271a376d5bb6d12d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-121337

Malicious code in testcafe-css-loader-uglify-js-tailwindcss npm...

Malicious code in zenobia-javascript-transport-acamar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 582ed82565cc2459fabf0fc9b1e689521a7becf110b9799fa259ced54307aa9d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111287

Malicious code in meissa-prettier-plugin-markdown-celeste-vortex npm...

EUVD-2025-116873

Malicious code in aether-cygnus-nodejs-got npm...

EUVD-2025-115489

Malicious code in chakra-ui-jekyll-algol-prompts npm...

Malicious code in sirius-parcel-electron-builder-rate-limiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d82865d2c4c118814f34f9e55544cc147c81d7874040ad365913faf99ebac58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cassini-uglify-js-terser-webpack-plugin-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21ce09785669244e7591203f571d73f65427bc99ebccda71d751eb0a498be0e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124131

Malicious code in odin-carpo-init-altair npm...

EUVD-2025-123009

Malicious code in quantum-promise-phoenix-nodejs npm...

EUVD-2025-112094

Malicious code in juno-buffer-telesto-javascript npm...

EUVD-2025-120110

Malicious code in yildun-rehype-javascript-jovian npm...

EUVD-2025-123736

Malicious code in phoebe-triton-parcel-javascript npm...

EUVD-2025-112226

Malicious code in javascript-postcss-loader-fornax-ariel npm...

EUVD-2025-115756

Malicious code in callisto-redis-miranda-uglify-js npm...

EUVD-2025-112220

Malicious code in javascript-triton-babel-elektra npm...

EUVD-2025-114155

Malicious code in elektra-webdriver-mocha-xanadu-javascript npm...

EUVD-2025-123553

Malicious code in polaris-slides-javascript-sagitta npm...

EUVD-2025-121057

Malicious code in uglify-js-despina-quark-graphql npm...

Malicious code in phoebe-orbit-redis-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 957cfc765b8daa82d4a320788625032a8cc33b88ebf52723fcb105fbac1146fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...