MAL-2025-146706 Malicious code in proxima-auriga-luna-zephyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fc49a5534846ee216e1649c7299a0fb3a5fa939dbe2741ab3b04cb4e71e15b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146495 Malicious code in prettier-plugin-markdown-sedna-sagitta-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 458b40a7e21ed9c73ea33d3e2828ad4a708c2484f3fe0ba8a02d4a89de882286 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141829 Malicious code in dynamo-magellan-standard-dorado (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd0e6537f0509af7748578bf409c68509f2a78dd654ab1e5524a808f98d675ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140746 Malicious code in child-process-foundation-eclipse-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52c4f59859c4a243e08dd39070370b2f65a3c8c6d979f8032023e0bd0b311b12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139512 Malicious code in apollo-fornax-mdx-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01371186693cd024e100ee510bb53e5d734a9461fbc86607990f005fe83045b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139456 Malicious code in antd-google-hydra-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d85f40c521d390c13055ac239cfb90c2232db83fd4b38f76c3648973e735190 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142147 Malicious code in eridanus-install-supervisor-deneb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab1376bd5cb9c0baf92baabed9c0684dc0c88040e298eda6fe848c4b721834c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148030 Malicious code in soap-pavo-terser-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9ffff8cf6a504a54d7a9a9b8193efbb4dfc00ae43a56bc384e678ccea487576 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142485 Malicious code in figures-version-carina-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3513c6b2aae948d358ed83dec49f13f53edd21ddd9d26e0a8146e9d9bfc18824 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147259 Malicious code in repository-canopus-csrf-stop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57df37eeb7e187b75a267e5bee180848261635a3aa7cba4cddb584697124456d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148347 Malicious code in subscription-airbnb-europa-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93def4c8b79f60fa808459f0c3eb104c1782bc6573fefaa8f6a433cbee409cbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143383 Malicious code in hugo-chromedriver-koa-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c47f5de9836cd70c00ea3485794cb4fec4e708979736fa89733fbc1bd82ba97a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144396 Malicious code in link-algol-nuxtjs-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b859eb9933bb6f0230d1839ca2c981f687fb0cf285bef87f4eca1f31d5883ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149361 Malicious code in webdriver-mocha-run-script-kastra-dactyl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9330f8382414519d87d54d1c2a7975ad454615e35b28607ecca8b6e78e0e8a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149900 Malicious code in zephyr-zenith-configstore-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1190e910c0d9525842cb1b622a23dcdb6d56ed8baf21821891533ea0f4e2290f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145331 Malicious code in nconf-tool-magellan-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a68a8262a254f0a9406a021375b356e800849625b8e96972eca8a227193dce94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145414 Malicious code in nextjs-dynamo-gemini-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6762dff6c35a79769f64aff5cba24b6d655d7829549908382bff12256f004d89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147982 Malicious code in slides-apollo-cors-cordelia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bd8359770a2c125ee7525a313308c85f575a5541bbeb06436ced6fa8aa7ed7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149156 Malicious code in virgo-global-superagent-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d8563f28a2a27d7861250bad8476d45d2682ca1232f97b8792980d923d60542 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147816 Malicious code in selenium-stream-fetch-deneb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 479f119c5107d1516e05ddb76327a4fd1f0c2d0d7b498d4f65b97ed857f87e31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...