EUVD-2025-112716

Malicious code in hugo-prompts-install-nodejs npm...

EUVD-2025-123659

Malicious code in pipe-dynamo-nodejs-stream npm...

EUVD-2025-124237

Malicious code in npm-nodejs-umbriel-buffer npm...

EUVD-2025-123785

Malicious code in phenomic-json-nodejs-configstore npm...

EUVD-2025-124355

Malicious code in nodejs-grus-gacrux-auriga npm...

EUVD-2025-124347

Malicious code in nodejs-proxima-link-prettier npm...

MAL-2025-145572 Malicious code in nodejs-mongoose-dotenv-mongoose (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c38ef3e18883f3950ca328b732c4c2367c7cab4f3dc2bd8ab24f4775d51cc21 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140052 Malicious code in blitz-nodejs-postcss-umbra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45892fb45c9f93ca8fd5b90a65388042f2205a48413aa509a34733d2c1d972cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124360

Malicious code in nodejs-dependencies-unuk-duplex npm...

EUVD-2025-113143

Malicious code in google-sagitta-nodejs-nightwatch npm...

EUVD-2025-124362

Malicious code in nodejs-csrf-dotenv-safe-solis npm...

EUVD-2025-120073

Malicious code in zenith-polaris-warp-nodejs npm...

EUVD-2025-111756

Malicious code in levels-node-config-nodejs-dione npm...

Malicious code in nodejs-dependencies-unuk-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 071fc09dfbb31483cee6efe94d252e17936fa2604f6c450ed55d774c64b7e440 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146933 Malicious code in quark-pipe-mocha-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00fbf13855675eb0f04555f377cf94b4bcc89c117c1b9e7a004ad4c3159c4c47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148468 Malicious code in taurus-exec-javascript-repository (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cdedd5376e6fe1861b11be01534bfda0c690e573d66adc4218268940bdf545eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124872

Malicious code in miranda-ora-module-nodejs npm...

EUVD-2025-112979

Malicious code in halley-cosmiconfig-nodejs-ganymede npm...

EUVD-2025-111856

Malicious code in leda-async-nodejs-izar npm...

Malicious code in ora-achernar-kinetic-postgres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 466b3999a1f913ccb9440477973486798c1cb1a637ffaeb420dd26a67dd1f17c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...