Malicious code in nconf-hercules-prettier-stylelint-slides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4de94077beec0f658f2376273e3937aaf74f02106107d2330e2ef39e87bfff2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149258 Malicious code in vulcan-umbriel-jovian-radiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07d06f26e3082cb1c1ae58325b21f22029f52104bff9713f2a6c644765e77df0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147966 Malicious code in sirius-pavo-xenos-luna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff38a4715dcb29d3f768ba1b92ea4fd7165a4fea4b3280e36bd8f66d64326d6d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-inquirer-cosmos-solis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfef7f7c8454e3b64c77d4dba42ea2eb707e9fa4bda5a8195869d917e667fbd9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143578 Malicious code in indus-standard-semantic-release-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0857932897470d06bcae252529029eb6859e79da626add35f7ce5eb8a6e154da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146323 Malicious code in polaris-arcturus-global-warp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56f7b2439427c477eb2eebd3e69cf7473ac0d7f57323a76a547aca39daa75e03 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142884 Malicious code in geckodriver-taurus-foundation-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9c037b0b5e3cf10f1a69bbb0603617df035d7e565a5da2277b4ee9e340e269e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147973 Malicious code in sirius-resolvers-pm2-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5b5cbb1e0e4935676cf3ee3d871ea76f06f61c680035426f909d71303cc289f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139224 Malicious code in aether-avior-enceladus-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ce1c47ba5445dda49daeca42e550f04bec27ff0a7d15fef9aba199e2ed0641f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in electron-altair-dependencies-capella (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8721480bde7839f065da67a511979ff2fad4f04e3c8f683f814db27282212288 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145294 Malicious code in native-quito-venus-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22cd3182705b88c0e14381b43792c9118b4bafb5d433ada79eafddb31bd3afa5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146832 Malicious code in pulsar-gacrux-geckodriver-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abcfe120a273827ad98cab31f158c503440f5d7151db9b0197fc91b9452b268a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-flare-css-loader-pipe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 691bda64b8884a4f1061ba8baa4801188477d843430b4571326d701603b5b08c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145996 Malicious code in pavo-dotenv-safe-cosmos-cordelia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 716d370389a73f5f2d8bb1d652817fcd01c99cb04fdd4add1575b54b2c1d2d61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141423 Malicious code in cz-conventional-changelog-kastra-rollup-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38e9525cff2d4f497c1e161782ad3e5478832085c188b7182639221632cc9fee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142242 Malicious code in eslint-plugin-spectron-csv-aether (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4186d0899623ecf21329b54ac8cfb81a5c3d55ce143400e9dbe0088a6262051d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144549 Malicious code in loopback-framework-loopback-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7b27e27c7246783d05331bd95e459820ecd9975b3cb5f76e1d50febbf6d07d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cypress-triton-figures-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e40687e2b1c78c0049facd34b47a11d95a0ff976f87f975c19d508f58cb799a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jovian-rollup-plugin-jest-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f53370f26cf3478ba29cfe3709afd2de86c87b49aacc771a6ad02106cda567c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in winston-gatsby-zenobia-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4539e20771a5e14a396382185985a89fdd823182f16cf3fe399f24140d7e8c4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...