EUVD-2025-113635

Malicious code in figures-orbit-uglify-js-uglify-js npm...

EUVD-2025-113390

Malicious code in fusion-arcturus-uglify-js-meissa npm...

EUVD-2025-114568

Malicious code in deneb-delphinus-orbit-uglify-js npm...

EUVD-2025-114005

Malicious code in epimetheus-regulus-sass-loader-uglify-js npm...

MAL-2025-142228 Malicious code in eslint-plugin-chai-lacerta-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5ac9c2490e31cd01f911ada3fe41b454765bdacb067fe04d3d6dd4851be3643 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-112233

Malicious code in javascript-indus-europa-child-process npm...

EUVD-2025-112231

Malicious code in javascript-nconf-ursa-promise npm...

EUVD-2025-123553

Malicious code in polaris-slides-javascript-sagitta npm...

EUVD-2025-112170

Malicious code in jovian-csrf-javascript-gridsome npm...

EUVD-2025-120110

Malicious code in yildun-rehype-javascript-jovian npm...

EUVD-2025-121692

Malicious code in sqlite-npm-uglify-js-airbnb npm...

MAL-2025-146135 Malicious code in phenomic-javascript-remark-csv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 315149a5727b357bfa3b12aeac62126a15734f48ad61a49ce8b7ce4875619e01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149822 Malicious code in yildun-rehype-javascript-jovian (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd7450993f2ee006c4a6d5bd8bc981fba7295d59c3471a8aabaecaeb1fe49589 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148501 Malicious code in telesto-release-it-google-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6ccdd5032ea5072b6c78227164fcfdd6caeffefe98b43a5d8156d92454dd74e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142969 Malicious code in google-sagitta-nodejs-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 338abc925116d84e0ecc7c1b0f9dda422e67c5ad6a11245fb5ce6333b89b3a63 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115005

Malicious code in cordelia-mutation-halley-uglify-js npm...

EUVD-2025-116549

Malicious code in aquarius-testcafe-javascript-lacerta npm...

EUVD-2025-122816

Malicious code in redis-javascript-ursa-polaris npm...

MAL-2025-146142 Malicious code in phoebe-callback-javascript-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 863b7bdace3d43c148c9ec83856b8f909c3780ed176684c3d48c0716917f78d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gulp-nodejs-bellatrix-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a51c5af9497d648c837690d26c1883cd6827d6a576e08da0c2774ab1f1c3bf66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...