Malicious code in comet-gacrux-pm2-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7729116efe483cf849c752a73e89d5216af77a6872c275da676077adbf09f1d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in farout-fork-aldebaran-capella (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 108e364c3a72ba84354e451e03216e5cfc26e6c2e5e436f26055b6f868d5a0fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jupiter-europa-test-jovian (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4e37cc939f7b9dd9e11d6abaf23051989e7581681ed85c1f58e2ad2e96a039d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in module-lint-rehype-optimize-css-assets-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2939b8efc57b0447f1e6a1c6ac30eb1b3c5f6a835d155211f5ef7e8a4b2a4009 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in toml-transform-mongoose-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4c5aa347312aa9608e31732bf55144c791fd30f70ee314980a49a5e5bb3ea7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in configstore-cygnus-envconfig-mongoose (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d6200864a3393beb6b64d622c2e8175095b42f4b0a818f66e6df20d44317435 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140444 Malicious code in carpo-ignite-electron-helios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7b7c30af3b3626ed4d0c18eee5818fbc188b087d67563e7607290b27fe3b630 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147790 Malicious code in sedna-regulus-iota-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8b8ec49fe6c4fab613bdf976a420affd1bf19ba986d1757efa996391dabf75f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141916 Malicious code in electron-fornax-quito-mensa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca10652675c3d9394c71916ae5a4f8fdc35133680129358b10697e1f9f53871b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144264 Malicious code in leda-convict-commitizen-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fed8d2bd7bc5314ec5274d837a577d0e748ae44450cc9db11d1fb8e7a98b1224 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143536 Malicious code in impulse-atlas-nightwatch-venus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2a5362058eed500dde171dba02d815d28e096b76b666c352dc74d0a83129b8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143110 Malicious code in gulp-await-antares-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83c25349f10db35ff11b0cf94364dc21cb5982f02a40ff0ff3feeb8acd1dc244 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148748 Malicious code in tool-passport-sqlite-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5532993780f2898962fe1e2cde7c26611b691c63cdfb4725106159dde5a99bf8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147663 Malicious code in sass-loader-chromedriver-atlas-webdriver-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector afc8eca7c38080fbb463c3fef2953cb87fce95338e8574846d4a53c9f715036b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141833 Malicious code in dynamo-optimize-css-assets-webpack-plugin-postcss-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83144d9b206c28bc214f1e496ade2f1cdd50ebd1fe16a324124bd89653ef1118 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148485 Malicious code in taurus-xerxes-hermes-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d62dd69842d1de8de9279530ed1672edbb1df83677fcfaeb9d7d4d1f68c79d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139375 Malicious code in andromeda-csrf-got-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b156646e5ae6831d28447dfb85a6d23732f46c59aebb936a8622ec2da9d24ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148073 Malicious code in solis-forever-framework-prettier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 316e03d2d9b03a42cc0a18edfac946e966f105a3ea8f7dbdab34ec57a72304a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139653 Malicious code in atlas-pyxis-prompts-development (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4410063892694cb79b5b19fe2c4ff02fc6d15dbf4fb3d1c26b36cb88f479fdc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148801 Malicious code in transport-sass-loader-csv-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e15bff463d0b7ddaac6f7bd94080eee2e9689b135e6550355ca6b8dc74134b2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...