MAL-2025-141279 Malicious code in csrf-betelgeuse-cygnus-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c77b5194fdd81baf33b609c4c8bec12292e4f876f06d7af237dceb2a0d633b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148425 Malicious code in sync-jsonp-less-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01ef6cedcae0b8171fc191b67ad90dfebd8ac6e394c7ce662b8e558b22e9d56b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144396 Malicious code in link-algol-nuxtjs-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b859eb9933bb6f0230d1839ca2c981f687fb0cf285bef87f4eca1f31d5883ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144788 Malicious code in meissa-altair-tool-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dfcb585bb376fa6399f28e68f625a5eba7bfffbda84afbbf3dbf4877a5a221f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148399 Malicious code in supervisor-pm2-phoebe-jsonp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5149d22e1e90da59bfbf90b2942e07d4d2189b45634af8923084ab8304f538b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149434 Malicious code in weywot-centauri-betelgeuse-cosmiconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bafe0b1da72ba80dc7b25c64c276cb0cf185fbaa03daba66d25a86ae356dd578 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144348 Malicious code in levels-adonis-wezen-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13590a8fab2724a650de948c25556f1e51813c92203258158aa6286554dbdfce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147809 Malicious code in selenium-pm2-titan-mutation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a375b6e8a49525e6d29e4cea8e78cf47628833fefc78b632b4338ed37974e777 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141705 Malicious code in dotenv-csv-jekyll-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f602ea5a4d3e70788dc52fbd3fcfd4afcd27d68f5d379ce7818d10fa011db3b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142182 Malicious code in eris-pyxis-draco-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c208b85d24de7d5be4b6de3acd5a387861ba181f46de1f1035b7f92b3461239b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146941 Malicious code in quasar-bulma-tethys-capella (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce8e67c18daeeacbb5f975e2833c77be01cc75cd8706f8f443d850d65db26167 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142625 Malicious code in fornax-hermes-soap-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d020f29de3afe6cb948bf0aaf77863bd0e8e830591087dadf33cfbb7f2c86de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140746 Malicious code in child-process-foundation-eclipse-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52c4f59859c4a243e08dd39070370b2f65a3c8c6d979f8032023e0bd0b311b12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149074 Malicious code in ursa-schema-norma-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed297aea32ffff06bd657cb24540c11c48fdda93ec9e7a04d4f503346065c10b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145524 Malicious code in node-config-warp-resolvers-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf522e96176b7020c00c11bb3927f3ecf1a99cc38ef425afef2524f03f8315ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145287 Malicious code in native-cz-conventional-changelog-meissa-atlas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bac21f13b4b7614fa1c9af0606fd1809d609ba57b1a9f0340f11c23f245f30b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148269 Malicious code in start-deneb-gacrux-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6217f63bece54cd97f2cbf64265aa70fc2de9d8e2e0c835429695d2d46ed483 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139752 Malicious code in auth0-materialize-electron-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ed6bade7d741e881a1ad5db1fc1aee5b73c774ecea26fd42ad6d9811499188b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140274 Malicious code in cache-jekyll-pavo-centaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b711485d592350a6a83a3dabdc407a543fc87d03c86434e29a65601f32010d14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148027 Malicious code in soap-neptune-xml-virgo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d327794d3d63355fd3b82a37c1cf56cb121b8c18a4643bb1c3ba725b7123179c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...