EUVD-2025-177872

Malicious code in metalsmith-xanthus-react-bootstrap-sequelize npm...

EUVD-2025-176913

Malicious code in publish-xanthus-cypress-redis npm...

EUVD-2025-180497

Malicious code in aether-hologram-genomics-xanthus npm...

EUVD-2025-178166

Malicious code in lacerta-betelgeuse-xanthus-upgrade npm...

EUVD-2025-175520

Malicious code in xanthus-fusion-oauth-halley npm...

EUVD-2025-177415

Malicious code in orbit-luna-indus-xanthus npm...

EUVD-2025-178145

Malicious code in leda-morgan-xanthus-ophiuchus npm...

EUVD-2025-177856

Malicious code in meteor-jupiter-jupiter-xanthus npm...

EUVD-2025-176039

Malicious code in technocracy-protoplanetarydisk-xanthus-javascript npm...

Malicious code in xanthus-websockets-helios-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6f219d623b83cc1ca2712663a18695e219e82344813cf2e184bdb096c2ed1a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lyra-xanthus-csrf-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b0400e33310dc0a2fd44e038192baefeffcefb683ae979ca17aa648245da1fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175518

Malicious code in xanthus-redis-scripts-fomalhaut npm...

EUVD-2025-175521

Malicious code in xanthus-dotenv-safe-markdownlint-xerxes npm...

EUVD-2025-175523

Malicious code in xanthus-child-process-radiant-biotechnology npm...

EUVD-2025-179292

Malicious code in docusaurus-bellatrix-xanthus-virgo npm...

MAL-2025-188026 Malicious code in meteor-jupiter-jupiter-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46c15bb4dde7cb205f506deb37c235142955b3906d8918fa352ab7add70e6e9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188010 Malicious code in metalsmith-xanthus-react-bootstrap-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c249cc1d9495c472c96febcbb4aa5275a3ddc5edcbc067eb482c1e37aa6b7cb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xanthus-fusion-oauth-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5fa144cbc93e4dd11b40e15d7092f90e2dda9887cd891d011546ced148d600e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in halley-xanthus-aquarius-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f65980ae484a66d6f3d0542f8cf21482dd3a48599965d67854c37e71e37fb9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178793

Malicious code in galaxy-xanthus-perseus-subscription npm...