EUVD-2025-115245

Malicious code in colors-testcafe-uglify-js-karma npm...

EUVD-2025-124358

Malicious code in nodejs-eris-izar-semantic-release npm...

EUVD-2025-112275

Malicious code in janus-tethys-meteor-comet npm...

EUVD-2025-114631

Malicious code in dagda-nodejs-magellan-mysql npm...

EUVD-2025-114180

Malicious code in electron-rimraf-orbit-javascript npm...

EUVD-2025-113909

Malicious code in eslint-config-inquirer-commitlint-config-angular-sirius npm...

EUVD-2025-116873

Malicious code in aether-cygnus-nodejs-got npm...

EUVD-2025-112526

Malicious code in ini-draco-frontend-quark npm...

EUVD-2025-123163

Malicious code in public-gatsby-figures-hugo npm...

EUVD-2025-115489

Malicious code in chakra-ui-jekyll-algol-prompts npm...

EUVD-2025-115702

Malicious code in carina-centaurus-blaze-terser-webpack-plugin npm...

EUVD-2025-114098

Malicious code in eleventy-sails-inquirer-javascript npm...

Malicious code in javascript-pegasus-chariklo-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac6997bd3466d1dbc0d2d8e506913bb83f681fd0e26386f1abe92ec640aecc0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sirius-parcel-electron-builder-rate-limiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d82865d2c4c118814f34f9e55544cc147c81d7874040ad365913faf99ebac58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111203

Malicious code in meteor-google-jekyll-query npm...

EUVD-2025-124348

Malicious code in nodejs-pegasus-rehype-adonis npm...

EUVD-2025-123809

Malicious code in perseus-rollup-plugin-xanthus-node-config npm...

Malicious code in vuetify-postcss-loader-mongodb-less (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1901883a12e5906a3aa40a43f8816c93e38fefb894c40b8271a376d5bb6d12d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124291

Malicious code in non-blocking-vega-jovian-csrf npm...

MAL-2025-142946 Malicious code in global-phoebe-hermes-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5b9cf8f68fe78b8401aafb88d4aaf8ce51f84264f6b6d3ad78a28340871c9b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...