EUVD-2025-124858

Malicious code in miranda-sync-despina-auth0 npm...

EUVD-2025-116850

Malicious code in airbnb-colors-sync-hapi npm...

EUVD-2025-121512

Malicious code in sync-build-koa-miranda npm...

Malicious code in spectron-juno-sync-venus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 029c69347857d8315b739f23392a7f38ae2dfc69862917d707b23b71ff615f58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-121514

Malicious code in sync-antares-rehype-yaml npm...

EUVD-2025-121907

Malicious code in soap-csrf-sync-nextjs npm...

EUVD-2025-115222

Malicious code in comet-prettier-stylelint-sync-perseus npm...

EUVD-2025-123968

Malicious code in parcel-carpo-cypress-sync npm...

MAL-2025-144540 Malicious code in loop-yonder-betelgeuse-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1c945f5dae18315f4787680fe0df2b8745a6117d6af0a32e4b1857099ceea2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142673 Malicious code in foundation-sync-jwt-dependencies (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0763efc2d7e662922249fb41abf295d83acb6a6eeaac78e28e2930207857b575 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140667 Malicious code in changelog-cosmos-sync-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 596a89477e8326b81d0f5d1350fde952cd637ffe72226471a186f3f7cd3fe4fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143753 Malicious code in izar-cassini-ursa-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 844171ec081664cbf20fd1c8c743f71ddc8ecc7ef40ef3b54fb7c6215ede00e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in neptune-mui-jasmine-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd1df8a6d2bc023876d443ab956c891fa6eed3e890a12c4ae30e21b71e81c3f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124636

Malicious code in nashira-sagitta-tailwindcss-sync npm...

EUVD-2025-120267

Malicious code in xenon-sync-despina-heka npm...

EUVD-2025-121513

Malicious code in sync-axios-cypress-virgo npm...

EUVD-2025-112360

Malicious code in izar-cassini-ursa-sync npm...

Malicious code in carina-rate-limiter-perseus-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0de077fa85a8aac069d8b85948635a847e137b4cec30da3ac961db323496c642 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124010

Malicious code in orbit-pegasus-sync-shelljs npm...

EUVD-2025-122463

Malicious code in rimraf-sync-koa-test npm...