MAL-2026-388 Malicious code in charlie_charlie_kirky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8676a174ab443e579c1cc2fca8d746c79ad03dc66ff6a09c5f4f4b73af2ccd8d The package charliecharliekirky was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-100679

Malicious code in waterymosquitoz3n npm...

EUVD-2025-103050

Malicious code in peacefulconstrictorz3n npm...

Malicious code in nuclear_peafowl_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50f46f6adaca788d2cf65d2886952b5c7f937e768a253d1699c0c64e9d5bd775 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-94733

Malicious code in thoughtlesscranez3n npm...

Malicious code in flat_kiwi_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab6d879bf52d06b021fdcba9b869e86f30f3b16d899b0d0cbe08d74393709baf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-88642

Malicious code in successfulvolez3n npm...

EUVD-2025-89886

Malicious code in netkoiz3n npm...

EUVD-2025-74863

Malicious code in balancedzebraturquoise-43 npm...

EUVD-2025-74607

Malicious code in glamorousdragonlavender-4 npm...

EUVD-2025-74440

Malicious code in molecularturkeyblack-22 npm...

EUVD-2025-76006

Malicious code in politecrab-biggestdev npm...

Malicious code in dark_cricket-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89d88215c1d24b878486a55f1b69ad5473ef53001f7cec35d180ee44974692d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-79112

Malicious code in harshweaselz3n npm...

EUVD-2025-79718

Malicious code in bewilderedworm0xrequest npm...

EUVD-2025-81767

Malicious code in gratefulflamingo0xrequest npm...

EUVD-2025-79794

Malicious code in appropriatemammaldumbs npm...

EUVD-2025-63410

Malicious code in jollytroutz3n npm...

Malicious code in lost_coyote_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58376fe600429ca51fc135357b86519b538ac82e3977013cb41c8d73f6c8d738 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-73575

Malicious code in spectaculartarsierz3n npm...