Malicious code in despina-photon-nodejs-on (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3152b5d159e60035f53ed829f5362c99844bd6585f8e614ae1b496a79ee78f46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nodejs-cosmicweb-chakra-ui-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93a5092226cfdaec9107ff680820108c965f38859cd60ac2915fa0552cf83dbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178405

Malicious code in init-optimize-css-assets-webpack-plugin-nodejs-grus npm...

EUVD-2025-176136

Malicious code in superagent-nodejs-darkenergy-fermiparadox npm...

EUVD-2025-178940

Malicious code in farout-quark-joviology-nodejs npm...

EUVD-2025-179313

Malicious code in despina-photon-nodejs-on npm...

EUVD-2025-179166

Malicious code in element-ui-nodejs-bellatrix-hapi npm...

EUVD-2025-175588

Malicious code in webpack-dotenv-safe-avior-nodejs npm...

EUVD-2025-177718

Malicious code in mysql-quasar-nodejs-node-sass npm...

EUVD-2025-180087

Malicious code in betelgeuse-nodejs-hugo-flare npm...

EUVD-2025-179840

Malicious code in celeste-baryon-stop-nodejs npm...

MAL-2025-188326 Malicious code in nodejs-hyperion-quito-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffe47afcc4eb84693e5a1585a83da52d5bc58a56d4e82fc172e560abdd48700b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177553

Malicious code in nodejs-sass-loader-carina-duplex npm...

EUVD-2025-177556

Malicious code in nodejs-hyperion-quito-start npm...

EUVD-2025-177554

Malicious code in nodejs-radioastronomy-tailwindcss-chalk npm...

EUVD-2025-177370

Malicious code in paleoclimatology-jsonp-troposphere-nodejs npm...

Malicious code in acamar-child-process-oauth-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aecf9405e1356b230c3b5e02f074df3b4d1c15deed220a1ee0fa696389b7d321 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186716 Malicious code in element-ui-nodejs-bellatrix-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0756d6fd922c626edc59579a4d716f23cd964716bb8b7d01a1c54534ab451d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188329 Malicious code in nodejs-sass-loader-carina-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c38ff8f4ea5bf2c844ec1c897f02f47338bcfb40fdbe2cf01b0b824f0c1c0e06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-5222 affecting package nodejs18 for versions less than 18.20.3-10

CVE-2025-5222 affecting package nodejs18 for versions less than 18.20.3-10. A patched version of the package is available...