2 matches found
MAL-2025-139816 Malicious code in await-xanadu-jupiter-vega (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd2f1c79ed3156189c294271f1e96c1d453e72ef5d6750d32043e80fb3f9a866 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-116286
Malicious code in await-xanadu-jupiter-vega npm...