MAL-2025-144956 Malicious code in middleware-fornax-cache-chariklo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30451cfcb018e07948d2bb2cd56d9b18dbeb975f403070768ae3c9d68285cf6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145204 Malicious code in mui-mysql-mysql-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 089dc09fc9fb3f57c1f9e78a954418a64a29db65194c700ebe3e78748d414fe5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145608 Malicious code in non-blocking-dotenv-safe-got-castor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97ec042cfe2b369dc9c550415ab4881c8b222e5b9e1b1ffd6d863083eed4048b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144572 Malicious code in luna-module-polaris-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 292b22a04e5c06ed11440c18bc5d5e0de585f99420c30f90f179b1222075e8ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149161 Malicious code in virgo-neptune-rate-limiter-cypress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1fb0f24eab897236a8f82e3344699506bb8f68e405e72048c7db8a045739259 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140190 Malicious code in build-readable-react-bootstrap-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e775b6d0ca701f5683b2d7e970cdfefc9a9d539920c94864c59683252009ab1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141808 Malicious code in duplex-elara-charon-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 494f2037fcf883fe2bf066df716f3152638b27ffc4349a02c360667bd18cbbf9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146602 Malicious code in procyon-kronos-materialize-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ced02c917dca028be82a66f333ee6a3354a49e9e41ad42fff078c5d42473318 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141428 Malicious code in cz-conventional-changelog-procyon-remark-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c732a75d8b1028732f8e692b70aa16efe1be01bfe1e238335f1dc2b52dfa0b0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140349 Malicious code in callisto-readable-europa-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9db60a5246fcddf3c7698341dda6b5fef26f7659978b69669b34dd4547503b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147854 Malicious code in semantic-ui-perseus-firebase-cypress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 434d4e5d4dfaf9d49ee0ae359f833596501a2b8580d6d1017a79d5082382164a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142470 Malicious code in figures-hyperion-selenium-kastra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a73c967d261d802ac6e60fdb8f74ffeab4bddc6099683bc614752998614c345 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144736 Malicious code in materialize-celeste-eridanus-aldebaran (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d702a92f89ce951ed0dd9e020041f48c12217dd201c89f2cabf03056e73fae3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140238 Malicious code in bunyan-airbnb-hercules-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 902c506105d9f9aecaf0110f61001522b5075ad62329ab9cf6b79c9f6f56cf68 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142004 Malicious code in eleventy-mdx-cressida-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7f74c97d401a134f9b646a3669fbb031a73c2e27575285bfc7e10c686d79f91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139898 Malicious code in backend-wasat-ceres-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78977fc84c2e7c36ed3f9a84b4d2226faeeb53aeda92309a9ebf36bcdb7a06ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142907 Malicious code in gemini-nightwatch-janus-lyra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d80540366eb681c89a52dd816b4a254ea23facb053fadf663e40828a96abfb73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jekyll-delphinus-buffer-mensa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b5e8c03989ae055f37acf391f30e62c3186125cb4d040556c28201b59b96f6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148013 Malicious code in slidev-xanadu-xo-castor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abf83cbecd9577fec842ad64f7f847b168a1ad3aafbbfbceda5b0741cc06aac2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146842 Malicious code in pulsar-radiant-cypress-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3178bfda625ae6afb0496687a9c92e24aae195151c40703d0a50c6408ee55d3e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...