MAL-2026-2870 Malicious code in black-moon-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c672e4ab8770773551a9ff9b6b95a5740894bd1c689154056f69e5da4fdb879 The package black-moon-js was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in black-moon-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c672e4ab8770773551a9ff9b6b95a5740894bd1c689154056f69e5da4fdb879 The package black-moon-js was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2025-175960

Malicious code in theta-daemon-moon-char-info npm...

MAL-2025-188122 Malicious code in moon-small-nu-rain-static (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fcf2a1dc5076c624ca43163bb493e90fd98998b7c3805d3aa5c9f1f5817c3db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177411

Malicious code in orchestrate-awk-encrypt-moon-fork npm...

EUVD-2025-176332

Malicious code in slow-data-moon-object-serialize npm...

Malicious code in moon-old-gamma-deploy-cloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b5c4869ddd3ada1d30aaaa35c240e8d99748ce6917156ee14dd323fe2ec849a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175880

Malicious code in tree-psi-air-moon-air npm...

Malicious code in beta-moon-fast-authorize-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04718f9575365342a95b182394e3faf16985b0f54304fe8408cb783b9ba9d07e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in route-easy-function-moon-warn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b12fc0d9fb8eece445504291184c9dc3512207749c7db6267ab9885b474b3887 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177761

Malicious code in moon-omicron-stub-long-book npm...

EUVD-2025-177762

Malicious code in moon-old-gamma-deploy-cloud npm...

EUVD-2025-179250

Malicious code in double-file-encode-moon-virtualize npm...

EUVD-2025-177760

Malicious code in moon-small-nu-rain-static npm...

EUVD-2025-179138

Malicious code in encrypt-link-alert-grep-moon npm...

EUVD-2025-180099

Malicious code in beta-moon-fast-authorize-deploy npm...

EUVD-2025-179279

Malicious code in dog-process-file-file-moon npm...

EUVD-2025-178512

Malicious code in hot-float-moon-unix-fork npm...

MAL-2025-188123 Malicious code in moon-unix-meta-process-kernel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 432d18ccf99d5d85dffa21aae798b7ec0ce7b7df8d0070f8e8d4c477f92b2037 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186511 Malicious code in decrypt-xml-compress-moon-file (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd29dfb05cee6c5ddaf5d6fc7511c903cc2572f128025c139bb45606c8a4d1af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...