MAL-2025-144969 Malicious code in mini-css-extract-plugin-callisto-vulcan-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4fefa2b8aac08eb3db27624e6a94ba26bdf920229211f6b3eeda2ce26bd6c4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141992 Malicious code in eleventy-callisto-forever-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 447abbef07e2169825384d0a4f6cd21674555dac84ac23aee274c4866a00fc20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142419 Malicious code in farout-neptune-dione-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c0c1d2d632485105b695892cfdf331ec228fa9c0c4b44667c6207987bd0b91f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147414 Malicious code in reveal-md-koa-venus-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91ab8f90e8901da10b0e96c0a7884fb5d5c27e5bb8292bf8a333c83e5161a0cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142350 Malicious code in exec-markdown-pdf-lyra-postgres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ba57287ed1f74c1a4a3b805756b3c4022fb5695ff5ffedbc4695321e339df30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149422 Malicious code in websockets-graphql-regulus-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bbbda8427ea6dbb869b1b65944d6ea5190110070e68da12643f4631637ca0a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146560 Malicious code in process-nashira-alphard-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d892e0621ffd010621c749e7224836ac446d06f96c997e37d0d3e3eb69033e4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144916 Malicious code in meteor-iota-xanadu-babel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 575355204cf2d8533897eda0e081bd9259ae4c69d20cf2c31ede843fd5cf5beb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140677 Malicious code in changelog-pino-pretty-webpack-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9d6638b975900b50323b6e5574a6f9015943249473e10e8dd1479c4597b329c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140766 Malicious code in chromedriver-development-meissa-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85b0cce58ca27bcbee4953b748ac079795ae9012a13e66e88460614385e7f92b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149759 Malicious code in xo-wolf-perseus-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fda59b09340bddf64be7b10b456fbeef410d7c32413ad9d563d889dff6205b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146731 Malicious code in proxima-protractor-mira-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05006d9d7135e2d50bc05fbcb93a478556d9f31bc654760d8bbe915920ba941f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149243 Malicious code in vulcan-leda-auriga-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5086134f060f78e8bd2666915ded5575a2b0ac781abe295b75d87751eb90fdc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142770 Malicious code in gacrux-hermes-mysql-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 968c91bfa918d1b575481a21e04dc8ff86bc84701ba0de6aeff412ae75a289f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147620 Malicious code in sagitta-spica-acamar-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84bd2e1015252bb719f8837c2ef58e6c0dae1f9260d556bf3048de7b0824529c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141731 Malicious code in dotenv-parse-variables-phoebe-procyon-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25727adf9796499061bfc2db2588d0ea8977bae2875b159d01c443e8a78f9aa9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144956 Malicious code in middleware-fornax-cache-chariklo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30451cfcb018e07948d2bb2cd56d9b18dbeb975f403070768ae3c9d68285cf6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139397 Malicious code in antares-child-process-algol-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee989f66e1b782655eea49ace8d232ca5718d86a06908628e76997e997f869f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144691 Malicious code in markdown-pdf-frontend-rimraf-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d81956f1b9dd174b55f6d0b1296d2a4ae9ca30a4a82a3c848a5a3a4d3c331e03 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145662 Malicious code in nova-nebula-centauri-cosmos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c7520c5cd83a0689a556b5e49fa9a4cdeb636b6faed4591bacc123fe16efda9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...