MAL-2025-140750 Malicious code in child-process-lint-staged-less-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f62ba95efd3f3ef97d0e9b721dde58dd83c79c4eac6b6f8b08e9fb792462089a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148615 Malicious code in tethys-cypress-spectron-titan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 988f5b93fcef7a82e01b3fd236a72124b874972ae27458fcb2eabd14f7bb9eb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140745 Malicious code in child-process-fornax-ophiuchus-enceladus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e62e14ba578f9389f96c9befb8dff2098b3c6d0e1be62aca0d7dfb57d570ef2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148517 Malicious code in terser-eslint-apollo-hercules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6abd831119b104609936a6a3bb0b6b7570562aba1fdab4618704795897a51640 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147295 Malicious code in request-hyperion-gridsome-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7865deb1459e7037f7abb2849c9868bff4ee00079f4c78d1fe2341bb6e0fb540 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146361 Malicious code in polaris-playwright-proxima-stop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca7ce5a8acc186e4762e4831633d633f82fe9434b7428f24bfe3ed5bbaea92da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148625 Malicious code in tethys-non-blocking-hexo-spinner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d885f6678a047d144fa23ca12189e3691db1ed724e104927120acef8a43c47e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142951 Malicious code in global-toml-vuepress-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6a8cdb722e96e67d2348f504d26379d9b7b8862df3266e39cbf1756954a7aa2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149211 Malicious code in vuetify-ini-framework-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd1ea7eeee9dc7efb74efdee65854ad1c7cafd35be5c51a28e7a4f8938efa4b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141818 Malicious code in duplex-procyon-polaris-mutation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f150630be124e004b880b0b1ddb3db1a1a90e4dc246b805c544c181e3e6f32e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139254 Malicious code in airbnb-gacrux-concurrently-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f902fe71cb86fc56849ea755fcc2c4cb1b0f2d2b8b5e2ba0e79f9a3113e4a17c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143210 Malicious code in heka-ophiuchus-cache-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04a88089822f8c73b5b0395551f87a7a085394fb6497c4c9d5cc2a81edb29f61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144561 Malicious code in loopback-readable-meissa-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a2117bd95d718c11d1d7d6fc5d2cb578836a47b121782b374e510f1375c7c4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146832 Malicious code in pulsar-gacrux-geckodriver-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abcfe120a273827ad98cab31f158c503440f5d7151db9b0197fc91b9452b268a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139224 Malicious code in aether-avior-enceladus-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ce1c47ba5445dda49daeca42e550f04bec27ff0a7d15fef9aba199e2ed0641f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142884 Malicious code in geckodriver-taurus-foundation-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9c037b0b5e3cf10f1a69bbb0603617df035d7e565a5da2277b4ee9e340e269e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147973 Malicious code in sirius-resolvers-pm2-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5b5cbb1e0e4935676cf3ee3d871ea76f06f61c680035426f909d71303cc289f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146323 Malicious code in polaris-arcturus-global-warp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56f7b2439427c477eb2eebd3e69cf7473ac0d7f57323a76a547aca39daa75e03 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149258 Malicious code in vulcan-umbriel-jovian-radiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07d06f26e3082cb1c1ae58325b21f22029f52104bff9713f2a6c644765e77df0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141423 Malicious code in cz-conventional-changelog-kastra-rollup-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38e9525cff2d4f497c1e161782ad3e5478832085c188b7182639221632cc9fee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...