Malicious code in pm2-run-script-eslint-plugin-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a817f06ae0a4d8dc0d41ca305b9e56576f1bd8664d47548dc7532d0c54975083 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146419 Malicious code in postcss-procyon-xanadu-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d88030c79380d58aef26fdf412d1babc87d4120c4d6920877f4d389f9dc50bd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-122739

Malicious code in rehype-run-script-soap-process npm...

EUVD-2025-111595

Malicious code in loglevel-run-script-cross-env-superagent npm...

EUVD-2025-122377

Malicious code in run-script-gulp-hydra-jekyll npm...

EUVD-2025-114043

Malicious code in enif-xanthus-spinner-run-script npm...

EUVD-2025-115453

Malicious code in chalk-run-script-prompts-css-loader npm...

EUVD-2025-122370

Malicious code in run-script-testcafe-astro-ursa npm...

EUVD-2025-123906

Malicious code in pavo-zenobia-forever-run-script npm...

EUVD-2025-111933

Malicious code in kinetic-ophiuchus-antares-run-script npm...

EUVD-2025-120716

Malicious code in vuetify-loop-convict-run-script npm...

EUVD-2025-116557

Malicious code in aquarius-phoenix-prompts-run-script npm...

EUVD-2025-116741

Malicious code in altair-pulsar-run-script-procyon npm...

EUVD-2025-122375

Malicious code in run-script-metalsmith-init-commitlint-config-angular npm...

EUVD-2025-114273

Malicious code in dynamo-run-script-nashira-markdownlint npm...

Malicious code in run-script-ophiuchus-cors-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1a09fd213361677312c1ca5e7462ebe175bcc01115ff87099c130dd7a70fdb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fork-run-script-json-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a487508b75acecea952348bb04e9172b5b203a5e9a7c982696c74b83d7457b0d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdownlint-standard-run-script-comet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9c922258173b565aad147f7ab8c8f6e2bd3797075453bb4b7d65c9e6481e66d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123931

Malicious code in pavo-antares-run-script-lyra npm...

EUVD-2025-124368

Malicious code in node-sass-run-script-chariklo-uninstall npm...