Malicious code in gravity-juno-cors-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c8097a0705bf1ad76bb1607942f6aa70d99247cce4d60a546977d03b5d6d255 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189519 Malicious code in sirius-phoebe-zenobia-babel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4e356e0189aeabe1d3533e01c5b8a0675f2e4f2b23acfdb7648ee90530adf9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186657 Malicious code in dynamo-sirius-changelog-string (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99724af34264220df5ccb753c1103bd7ff76b4df241a798532e0790d5505f7bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179225

Malicious code in dynamo-sirius-changelog-string npm...

EUVD-2025-176362

Malicious code in sirius-blaze-decoherence-scripts npm...

EUVD-2025-177982

Malicious code in magellan-enif-oauth-sirius npm...

EUVD-2025-180381

Malicious code in apollo-sirius-upgrade-iota npm...

EUVD-2025-178994

Malicious code in exec-markdown-avior-sirius npm...

Malicious code in umbra-enif-sirius-lightyear (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1d6e28e0423c02db3969a8742d5aa784afb117a4d8361b30eaf8032885dbdd8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in buffer-css-loader-draco-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f5ae31d8f1fe77a4535d4c2304e138491272c5692a24d0d9e2b9c8877d430f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175668

Malicious code in vulcan-rimraf-sirius-enceladus npm...

EUVD-2025-176251

Malicious code in spica-oberon-sirius-local npm...

EUVD-2025-175997

Malicious code in terser-webpack-plugin-spectron-webdriver-sirius-enceladus npm...

EUVD-2025-175839

Malicious code in umbra-enif-sirius-lightyear npm...

EUVD-2025-175500

Malicious code in xenon-sirius-scripts-regulus npm...

EUVD-2025-177436

Malicious code in ophiuchus-whitedwarf-sirius-altair npm...

EUVD-2025-177208

Malicious code in phoebe-petrology-sirius-fermiparadox npm...

EUVD-2025-176937

Malicious code in public-gacrux-jsonp-sirius npm...

EUVD-2025-176868

Malicious code in quantum-sirius-spinner-sirius npm...

EUVD-2025-176360

Malicious code in sirius-darkmatter-lint-staged-cli npm...