MAL-2025-145414 Malicious code in nextjs-dynamo-gemini-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6762dff6c35a79769f64aff5cba24b6d655d7829549908382bff12256f004d89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144819 Malicious code in meissa-ophiuchus-less-nestjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8518a814cafbac1fe3b24bde9c440231a89ec97e3377a71c305e1bb5c795f498 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142419 Malicious code in farout-neptune-dione-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c0c1d2d632485105b695892cfdf331ec228fa9c0c4b44667c6207987bd0b91f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148801 Malicious code in transport-sass-loader-csv-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e15bff463d0b7ddaac6f7bd94080eee2e9689b135e6550355ca6b8dc74134b2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144449 Malicious code in lint-staged-commitlint-global-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 304b77175b845c66db53476f7ce9d03f92d733e55c29c84ccab5770fe6f45bc5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142470 Malicious code in figures-hyperion-selenium-kastra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a73c967d261d802ac6e60fdb8f74ffeab4bddc6099683bc614752998614c345 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142429 Malicious code in farout-yonder-convict-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5c5ec00308a06b9e932a7c73d0618dd1b9b6e1848c2e94c2472b36c9395c0b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144199 Malicious code in koa-pipe-dorado-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5757fe0f704af36026b30b821eb55e1852c529acd48a1a22c9417e571e4f8ef1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149036 Malicious code in upgrade-vuepress-pm2-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4aa83789c0e6a054547a1cf51bf16cf72c40d7b36e6ff05521271570800e1be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147039 Malicious code in rate-limiter-hermes-eridanus-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03f0477fee44eef063dbf923c1cff622b1f8d7342d1bbf8a706c43e1a8d279d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140293 Malicious code in callback-antd-transport-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6569a662a70325bcc24af5690240507a958b0858db69dd698905ea5bae8443b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148654 Malicious code in thuban-less-loader-spica-achernar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f75cf876aa95769e2ba3d7933527e5c1a77fc9d3cb34fe7dff7f4751c282c6b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147914 Malicious code in shelljs-heka-sass-loader-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5871ea757e490a9e46ade975af00b2bb098c27078665ac19ea9b198e1328385d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140959 Malicious code in commitlint-config-angular-commitlint-config-angular-solis-cordelia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bb3f567bb082a9917a4e38dbb29310a4010b6d8c0b2d6a2016a2ee5698ad2f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144528 Malicious code in loop-loglevel-rimraf-despina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c07c7fb0a5770c3f5d2b17d7e71e72830405797fe2e6c21f13596cba7bd9a769 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146941 Malicious code in quasar-bulma-tethys-capella (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce8e67c18daeeacbb5f975e2833c77be01cc75cd8706f8f443d850d65db26167 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148327 Malicious code in stream-optimize-css-assets-webpack-plugin-nodemon-pulsar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fae29f63ab3edd79a6f27157b2a92d2fd2d219f65bf803de9275b448418c9dba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148375 Malicious code in superagent-castor-mongoose-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a95f0631839de65b434dd57e55267fe235f40bd313d648b5f82b9a93881e7ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144433 Malicious code in lint-async-ophiuchus-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe256531bfbaf8c707e1190eceea22bcdef245f3ba69e06e9cfaaa55ddf58338 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147524 Malicious code in rollup-plugin-version-mini-css-extract-plugin-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32e3535c552ac62bb6f7fd42e81af5b0e1f6a4b00c9cd58eb684860eb9003e0c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...