MAL-2025-143893 Malicious code in javascript-triton-babel-elektra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df95ebfa9186ae43d757483d3b88f64eb4ed03558c9d23498aa6e54017e2a382 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145608 Malicious code in non-blocking-dotenv-safe-got-castor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97ec042cfe2b369dc9c550415ab4881c8b222e5b9e1b1ffd6d863083eed4048b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142182 Malicious code in eris-pyxis-draco-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c208b85d24de7d5be4b6de3acd5a387861ba181f46de1f1035b7f92b3461239b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144327 Malicious code in less-loader-prettier-plugin-markdown-pino-zephyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 941bbebe0ee4e3f63add6441b1afb4b7612a1b5f5d02337def841b6019fc45b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143760 Malicious code in izar-meteor-nightwatch-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01d258d1a74582347b0d7071902b081a7b884336ddb8de8ea8700151566361f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139558 Malicious code in aquarius-vuetify-radiant-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adf5f6da4af39414fdfb5df6e113ae36c643af521c366f98cd6777c2ee0b13d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139397 Malicious code in antares-child-process-algol-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee989f66e1b782655eea49ace8d232ca5718d86a06908628e76997e997f869f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142770 Malicious code in gacrux-hermes-mysql-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 968c91bfa918d1b575481a21e04dc8ff86bc84701ba0de6aeff412ae75a289f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142004 Malicious code in eleventy-mdx-cressida-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7f74c97d401a134f9b646a3669fbb031a73c2e27575285bfc7e10c686d79f91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140332 Malicious code in callisto-fornax-yakutsk-nestjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92d4146fe49f7b6256b420a78fcb513ed920fd481edd057f15304dfa337fa61c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140207 Malicious code in bulma-chalk-babel-oberon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8de7c2533236ca1f801bf030137850defec575a679cb06bce65de87c0e3e9c5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144201 Malicious code in koa-postgres-blaze-electron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b6cdae761bee4ee4e8ae8294fde8b8c4d62a37e14f8b704bf9fa3dee5d856c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142586 Malicious code in fork-duplex-request-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e738a11e30835b56b26b4fc6d11d4de4707343ac26462423c3509933099f59d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145347 Malicious code in nebula-meissa-shelljs-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfb81e90c76d751feb2f2117f1826265a6d23d702d9560c78ad944dd9b7a17ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149406 Malicious code in webpack-rimraf-eris-writable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abf70ed59506b87bb301e207eb1834afa3b553ef1cdcd022c7e11d77fda8abe0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144528 Malicious code in loop-loglevel-rimraf-despina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c07c7fb0a5770c3f5d2b17d7e71e72830405797fe2e6c21f13596cba7bd9a769 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147227 Malicious code in release-it-nightwatch-jekyll-yildun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5796729233de51edc8c296497cfcabae7b685d63f4f1c6a8c094d2ab4513ade2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144961 Malicious code in middleware-mongodb-leda-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ac868d322cce021ae4cda8e245af3f8fa418596dc7f29ba457f1caaf7666878 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145252 Malicious code in mysql-leda-supervisor-cordelia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd5b817f89bb35456bfa48a857ce4a8495d2e3544a7f58f70edec8eb1d974d84 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141705 Malicious code in dotenv-csv-jekyll-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f602ea5a4d3e70788dc52fbd3fcfd4afcd27d68f5d379ce7818d10fa011db3b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...