Malicious code in lint-staged-xerxes-repository-metalsmith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9139a900e53769bc31e4a3c68db8adba88b9271bf86ea79fda3761e3b0954062 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-io-mutation-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 371f55220e95098b087da7207d9ee1aad74ad9828791e58d89763a4c18cb07f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eslint-webpack-celeste-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa12f890f68cbb366704ee095227553735267d49479da3997e9aa7a3e69d9b93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in altair-soap-lacerta-kastra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8800c382bc665757e646f163f105123c1e11b66071a5ba311e2158fb8762a7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147323 Malicious code in resolvers-eslint-markdown-pdf-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d5edddf5489e959e628e53fc66c2bd0cffb613bbbcba0037d36286e701a0450 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145512 Malicious code in node-config-juno-install-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0607f694a245a8b1cdbab9bae5459fc129030729b93bd131369458ec27cb9c38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149503 Malicious code in winston-jwt-sails-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deb006c2b2793dbbcbe5f7a7f5b52c5850abecd1b69042e481b38dc15078b81b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146789 Malicious code in publish-impulse-package-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 195a18bbc2c340fa49445c8f98d48a8db2dd0d999cf1608f8d386a97d2d7cbf0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143029 Malicious code in gravity-react-bootstrap-commitlint-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb22033e71a11b9b4e5ea920eae840ead86fee21e944aa895a89667612aee75e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145767 Malicious code in octans-cross-env-json-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 980d9c7fa3ca9b291ece46c179901d948eb4dc5790702dbe2e3b7d7ef2e88927 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141398 Malicious code in cypress-got-cosmos-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9addb44304aeec18fe9b6d70f4956e43888da4157421cfcb2c2d8717a08146ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142156 Malicious code in eridanus-superagent-enif-nestjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b5f582d1fcc8b43d9206c0d7ff651f4fd9297da9b6c8bfcd5c44adbf762e6c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141288 Malicious code in csrf-levels-terser-zephyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0119e00e1c8dc62089028a6be74894353bf9c1eabc5460e57721cdaa4ce24bf0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142021 Malicious code in enceladus-auriga-janus-spinner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2992b6a3d12d6895e43e9d1cde25e36dbe242d6caedc9679bcdc7ba3385039a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146842 Malicious code in pulsar-radiant-cypress-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3178bfda625ae6afb0496687a9c92e24aae195151c40703d0a50c6408ee55d3e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149036 Malicious code in upgrade-vuepress-pm2-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4aa83789c0e6a054547a1cf51bf16cf72c40d7b36e6ff05521271570800e1be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148540 Malicious code in terser-triton-element-ui-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d790e4c59825ea9cbfdb156aac422fb536844ddb3ac72f22fa69562dec2a150 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nodejs-csrf-dotenv-safe-solis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d26fd12eee08a4f07fcaba1a5843f9168cb580449aa6d44aad362c006e15aab3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142303 Malicious code in event-aldebaran-nightmare-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fd78dda52ef11c256ab005616998f64e0293229ae1c26709e75fb37b2b77547 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stop-colors-native-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab01a52a3f41b139889ce3357bc601b3f2ca49d5a2913f21185e024b9c3e0aba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...