Malicious code in dotenv-cosmos-promise-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57077612de819acf7cf711556c614e951a7d5f2f92fc0d3c785812dc62b803b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jsonp-vuetify-enif-yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a0995bf6278c3b0cc799d6ef007365cf569b167a6083a421c0225b1dd6d0f8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in juno-elektra-tethys-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccd6a416be129d48542f77dac831defe147dcb7b21c8048a07c1b70bcabd3b76 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in morgan-gravity-lint-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba2c3b6fa49120a558082f3637ae6ff017bfdb3678f03afdc534a33e4e801d8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pino-regulus-centaurus-equinox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af60b4baeebc6f1eb35835dfcc99efcff2726fe3992c0c7b2dd0d6519cc5551f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rimraf-sync-koa-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 532009f657580cbf19bdbec5522f5677ade66238901cab4f4b3a95a524b4dd7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in telesto-aquarius-apex-restart (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93c69141f3d539b7b8b758d6cba8108ee1a7af3ebe626b704d04a5561d5f7f18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139395 Malicious code in antares-castor-yonder-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d988bdba1d2463dac031e9b4361d5cf5f8e29905aa4c542b324e6cfe05c62bec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144696 Malicious code in markdown-pdf-mongoose-hapi-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb45e9bae1c86f4034644fea07fcdc86ce058c7fd78f7f663ac6c3012e4171da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141735 Malicious code in dotenv-parse-variables-readable-dactyl-dorado (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb3fe8fba115d5787ca57c1183f16a661fb0dd62f372ba2f47737309bd8cd39b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143426 Malicious code in husky-quito-electron-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d8537ea6cd46b2fb0b9e192dddb173edc80c3c0f12cd7f312f1f3eef1d4ff4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149321 Malicious code in webdriver-manager-io-betelgeuse-cordelia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53b7ad259d79486b5eec821e49788722b5bff497f8471dc329e58af138fda0d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147600 Malicious code in sagitta-io-mutation-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 371f55220e95098b087da7207d9ee1aad74ad9828791e58d89763a4c18cb07f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142696 Malicious code in framework-wolf-yaml-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5171dda2e66d0c63bc03ea95d0b716b25ed5c71b006bc563842e12f1b9b6ae5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148029 Malicious code in soap-pavo-barnard-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c60fb41ebbaf22e751bb38346303fce0e6f2ea2eb0e75b6a3e91c73e8781911 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in toxic_falcon_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d67a523c8300a06ad1b671247a199d7007231d224f410652f4ef2fd53da260af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in diverse-tomato-piranha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09cdfbc7391bc8518fc084dd05454910e1f90cd03774a8fbad364eee9ed38849 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cici-dradag80-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2dfa35c1b9aef590b0e1de14e2244b9748a074366da50bdb170bc3e2f9116bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cici-kue75-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25423e453f449eda885e7a88e0fb4cec35d259cdc90ab1ef95337887cf2490a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lina-mendoan38-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33de9bf2a6fe4180be4ffccfef5b3daed9208c15a87d0ba1e34ef5068204e464 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...