MAL-2025-189262 Malicious code in rocket-package-sass-loader-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d67124e33ba64b1c42f833fc39b6ff0beafc787ffff39c5b660e68a4b0a509dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176613

Malicious code in rocket-package-sass-loader-avior npm...

EUVD-2025-122449

Malicious code in rocket-nestjs-csrf-mensa npm...

MAL-2025-147478 Malicious code in rocket-rocket-rate-limiter-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41e26082c9b904ba1de4516401a9a993d4862884ee2c98d0d8c7caf5a1f51ca2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in @i22/rocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47748ea5218b5ee35bfc50b911a7a41d04d1e19a74832b73679c1c376133dc79 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview @i22/rocket is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...