MAL-2025-139331 Malicious code in alphard-neptune-nashira-sqlite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c91a961cb47f375ed243b7963cdcb585a59ead67e3efb4f59c6066995c3c1b01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147865 Malicious code in sequelize-equinox-lacerta-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa3e2d46d3d517afc6557d20aa925eda1d31db589962ff1f1696639167d9e4ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141990 Malicious code in eleventy-aurora-csrf-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bd61603a8d9897e58648607455671c4b3464648f4a3f11093edac31e0a73c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147176 Malicious code in rehype-meteor-pegasus-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73fa9c9bc7d00cb76bf4363eeb00bf670efaa50798ea6e6eb8f5a516d613d61f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147598 Malicious code in sagitta-helmet-vuepress-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ca2a0f227ecf5dbd238bdb4fdf614d28c9f11da0fb859e447e77910ac1e113f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146240 Malicious code in pino-pretty-markdown-pdf-altair-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 573304594207ecf8910723db18dc49d6e07edd5c5aee43c6a5ddea60ab7800f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142259 Malicious code in europa-child-process-link-reveal-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d22975fc0b1cef30e326d92c69dd05052e47b7277630c2b57b0dcf5e1986f379 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142843 Malicious code in gatsby-fork-soap-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b73e7a65de6af65020a1c45f76329317657d4f7569beaffbfa56f0471cd8adbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143146 Malicious code in halley-ignite-protractor-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 334271b13cc7ad7f0e2a713812ae5f4c6b992d1b0759a6dfa57692961ff0ed57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146142 Malicious code in phoebe-callback-javascript-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 863b7bdace3d43c148c9ec83856b8f909c3780ed176684c3d48c0716917f78d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146511 Malicious code in prettier-stylelint-mysql-ultra-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 346b072f90d39311114a92c9e9cd77f1a7d23ef5852c232fa6265d3263e30e4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141688 Malicious code in dorado-ignite-kronos-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66abf121dfd2cc9376e533592688a982b3b97fa45c1a65d3d4d3d85a8e1cac52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143736 Malicious code in iota-orbit-sirius-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eca1f11bfc43988fb9609e136bfb0d522a271e885abb7654c703b5719af059ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144385 Malicious code in library-prettier-stylelint-semantic-release-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 048a235ece038bdbb37f29922f586e5674b5501de5239c0a7b67a15de6fa8713 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142887 Malicious code in geckodriver-upgrade-upgrade-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e7eb7f5199d42872864bccb85bed6da5647e35478b981e790fc8cdea403f99c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in heroisme (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b6e16d141e590aaba3c9f7f6e4903a270e1f51fa0b246cffd19585209ea0962 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in living-amethyst-otter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6486a5d43474649c11227f0aeb85bf1a69e39679f755b9069d017290d3e1f4e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-138861 Malicious code in mature-beige-turtle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46b58ac1ce1747ab82066cab5e94a6bbb54369ba4c18c7646b95d182045d2e73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gita-lupis61-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46bb3eec7560255f72f66f10e7768ea8808c0c2742cbcd7e56749b40a9ba4f9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xaver-tapai89-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62b7e75d44f9a0032e5b603e20c2daa98c688a9e9062592a2a35ecf5bbaf1091 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...