MAL-2025-144722 Malicious code in markdownlint-cache-kastra-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8de65d6bf085e54dfc5ceef0c82d2d695fff047c8862a796c6784249869777a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141410 Malicious code in cypress-unuk-helios-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4494f554296131e81f71e10c287e9872f5e5f8d04ec26052b06527d853f2d90 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149523 Malicious code in winston-registry-miranda-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4adc2ee2fc57b0b96c442dd9623b0bb7e158f3600ae026698c48e2cc04e98884 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146175 Malicious code in phoebe-rehype-style-loader-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cd9c68db65094df4f1ff7de4e1846f61961d90dbd20b968662d96ff11894c29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141823 Malicious code in dynamo-axios-vuetify-jasmine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c07f3ccc278e62a86432c414a4fe672c642dea1baed087c337de30b545748280 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143608 Malicious code in ini-supervisor-ini-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b29a32dd2b265a29cfbec53f5ec524396621a56b1ac1096d46802296fb8d328f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140167 Malicious code in buffer-pavo-europa-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 511fadca6bcdd76abc46c84433dda6cdbb8f5941abba97253a8acf6946b7cb32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144254 Malicious code in lacerta-warp-perseus-forever (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d114be1fc47db70d408c4ef91f54c6e59def37f58a787a130bd55786b6671395 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139389 Malicious code in antares-acamar-betelgeuse-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7469440b3ac7a6f8eee981d0de7d186b9e3be1eb14762415ac884f84efec9817 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144035 Malicious code in juno-pegasus-pegasus-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 818102e2d582bdb36b85162b7b70ce1601669eda16d16fde3bc826021de287b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140439 Malicious code in carpo-elara-non-blocking-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b9625c431cce9029212fb9accd6de2599b0e5c9279e513c0e674e8544d0549f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148726 Malicious code in toml-websockets-dynamo-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1db1651cee518f3de25dc819fe2db60afd978bc23699dd5e3ec6371b5530357b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139474 Malicious code in apex-castor-gridsome-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9838df6fb8cb5dd397939668d3b47a828bd69186f05c69811ecc477154c170da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148408 Malicious code in supervisor-vulcan-remark-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5bd09e647755e974ce82a7fe8fa31384e0ec5533ca9d8f84489011c9eeb5e7ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143652 Malicious code in inquirer-nextjs-galaxy-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27bcdd082ce996def33fdd212572b9582cbc25f6717782a182c5688ad39d01c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141686 Malicious code in dorado-concurrently-process-helios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76f20f6ca0676e9eff129a6b427fe940ee7a2dfa15373c2680bc0f47c155ceb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145285 Malicious code in native-backend-dotenv-safe-mongodb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 781f6d6927036e8ba7935aa91fcf468079fe5edef66c51944922fd9b13d986e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143449 Malicious code in hydra-pavo-taurus-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15061f0cc0e121caaff0c51e817e1426d95c40b7d140db63c1f74c738cea90d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145754 Malicious code in oberon-redis-luna-passport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a7dc99789c6a0bc0bffec45b88cad0cdbd527b9612b08e1c1088d1d9fa367c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144448 Malicious code in lint-staged-carpo-webdriver-mocha-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b8e050df62b8e9d79261093ea9636c346dfafd383a4b7cf736e5cdd571aac4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...