MAL-2025-148347 Malicious code in subscription-airbnb-europa-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93def4c8b79f60fa808459f0c3eb104c1782bc6573fefaa8f6a433cbee409cbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140482 Malicious code in castor-cordelia-neptune-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c3d9a9fba927e5ca91691c321ca12735df0f533a460cdd3bd694d732f2b364e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146057 Malicious code in pegasus-superagent-await-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 433c64b86140160dc79b6d62fce33d4cabe64d2086fea84910897f2956dc9cd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144032 Malicious code in juno-meissa-electron-builder-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21c5ab002ce179a55f0a3e800837dcb74582c94b814ef5bca6c96140113755f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139512 Malicious code in apollo-fornax-mdx-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01371186693cd024e100ee510bb53e5d734a9461fbc86607990f005fe83045b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140349 Malicious code in callisto-readable-europa-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9db60a5246fcddf3c7698341dda6b5fef26f7659978b69669b34dd4547503b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149170 Malicious code in virgo-semantic-ui-jekyll-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5d4e3e628d28d18ae33ed261c564433b0747ad9352364187f69369a139f24cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145907 Malicious code in orbit-hydra-test-venus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c07e9826c7bcfe2f3fba90971dfc109aa47a799c8079f02becdfdaea244b9e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in iota-astro-ophiuchus-ini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3fb2505e9c00b648160e9998edbd8d5d7c5b389069ddca7150a5c3cf789f7df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jekyll-delphinus-buffer-mensa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b5e8c03989ae055f37acf391f30e62c3186125cb4d040556c28201b59b96f6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147863 Malicious code in sequelize-convict-wasat-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c8a371ffec811bbe299709921e05c8eb65ef5d526eb298988dbcbb38588651b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140365 Malicious code in canopus-nextjs-cz-conventional-changelog-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3bccbd45c710b8f6f1f3255a43b78cd7e70beb6efb60b17e950621c6b86d8b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148409 Malicious code in supervisor-zenith-ganymede-blitz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a90b156b9a8819e787140ca064ef027ec6699605edd77ecf43ee17d3936bcf8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144181 Malicious code in kinetic-pino-pretty-centauri-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a32af7d0f49e379c176a6e6103f86e25cb05acecb7aad3d0e0bb45637def324e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140293 Malicious code in callback-antd-transport-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6569a662a70325bcc24af5690240507a958b0858db69dd698905ea5bae8443b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142829 Malicious code in ganymede-xenon-public-csv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22712844b046b055495c9f267eb2ca2d0528d3206da37d3cccb5acb32f064412 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146516 Malicious code in prettier-stylelint-rocket-ursa-grus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5424b489454186531a8bc8fdaec473d76a5c45ea563cffc4e4ba498b961678e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141866 Malicious code in elara-canopus-markdown-pdf-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f38843c29d07813f9a3cf2ca91391300a174e390362663776247729b76a079c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141923 Malicious code in electron-nashira-deneb-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b6bba061dc6503534fe0cb96c556dd9eb19f586a2cb1797fd05c0f28879fa75 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148964 Malicious code in uninstall-perseus-duplex-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb67855a44d0be92f1df1e5320c81078eee07d1544db5ad18f99cf2180778f00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...