MAL-2025-138916 Malicious code in original-lavender-hoverfly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a7cff724291031461ab159ba45bb2ac32653ad7f88919277281836ad9fda92a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-117186

Malicious code in original-lavender-hoverfly npm...

EUVD-2025-117114

Malicious code in rude-lavender-condor npm...

EUVD-2025-117269

Malicious code in level-lavender-hare npm...

EUVD-2025-117298

Malicious code in innovative-lavender-roadrunner npm...

EUVD-2025-117495

Malicious code in cheap-lavender-newt npm...

EUVD-2025-117315

Malicious code in icy-lavender-hoverfly npm...

EUVD-2025-117483

Malicious code in colonial-lavender-cougar npm...

EUVD-2025-117244

Malicious code in mass-lavender-pigeon npm...

Malicious code in mass-lavender-pigeon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39323fc49189bdc215d3a69c5d427e192d7c99984ebec3c5fb5d146e6cf91de6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rude-lavender-condor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6ee9543ae84cb84e1102f2a5721a396b7b8b264dda933eaa89511a15c2fa677 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in defeated-lavender-rat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85de9281ba5d27e75ea0a077a2a1957518f8fd3cdcee4945eab4b5ccbb558a17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in colonial-lavender-cougar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9be406abe776b818c911262390171900eec0aabd095ad292a6c06d14b14fcb0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-117454

Malicious code in defeated-lavender-rat npm...

EUVD-2025-117452

Malicious code in delicious-lavender-snail npm...

Malicious code in chronic_koi_lavender-3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6babac4db933f86c80f65fc6738edc75578dad9b1f32c6a6a37fc3a0478fd570 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in unchanged_herring_lavender-54 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c82c7901f2ede1f8036fd33fea813cb9ec7abf0a4b790285d45efaa9f078bdd6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-74797

Malicious code in constitutionaltarantulalavender-56 npm...

EUVD-2025-74170

Malicious code in tallperchlavender-29 npm...

EUVD-2025-74705

Malicious code in electoraljaguarlavender-16 npm...