Malicious code in toml-transform-colors-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91d70cd2849f53b4ee927dbd5ce6124dc606282f9efcab3a38d79e9435a06b6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120980

Malicious code in umbriel-transform-galaxy-pavo npm...

EUVD-2025-113781

Malicious code in event-transform-apex-child-process npm...

Malicious code in meissa-supervisor-markdown-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a60cdc4d5317b650a261573ff13fe8a451e6e91f68730697fa7045ac908f307e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123546

Malicious code in polaris-transform-firebase-quasar npm...

EUVD-2025-121152

Malicious code in transform-uninstall-octans-mui npm...

EUVD-2025-113736

Malicious code in express-epimetheus-transform-antares npm...

EUVD-2025-115787

Malicious code in callback-transform-zenith-node-config npm...

Malicious code in eslint-plugin-transform-semantic-ui-yakutsk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43b1046da97d6e7c83170cac3d306570016cd8e3b7315de173d686eb7a2bd2e3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in atlas-transform-taurus-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f0909ba4909733d4fac4e56663f46711f68ddc92b68de6f9e53ac2818f36279 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115162

Malicious code in commitizen-transform-algol-betelgeuse npm...

EUVD-2025-121540

Malicious code in superagent-transform-betelgeuse-chakra-ui npm...

MAL-2025-148723 Malicious code in toml-transform-mongoose-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4c5aa347312aa9608e31732bf55144c791fd30f70ee314980a49a5e5bb3ea7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139264 Malicious code in airbnb-transform-apollo-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 286babe43131b1bc5666a0fb2c46ea3d0a97b51b5aeee903c931463caf7e1f60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148772 Malicious code in transform-publish-sedna-cressida (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0a03fc8338b4b798f1a5808c0388729affd3e1aaf3ffed404918845befbbdb6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120214

Malicious code in xerxes-repository-transform-browserify npm...

EUVD-2025-114090

Malicious code in enceladus-astro-changelog-transform npm...

EUVD-2025-115093

Malicious code in concurrently-transform-prettier-stylelint-halley npm...

EUVD-2025-121166

Malicious code in transform-dorado-phoenix-mensa npm...

EUVD-2025-122684

Malicious code in release-it-transform-grus-apex npm...