1097 matches found
MAL-2025-144268 Malicious code in leda-envconfig-odin-sass-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 545debb26587667e69b5f9503887007f02cbe554eb8a038763455fc702c9e014 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141596 Malicious code in despina-fusion-typeorm-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40abb8a24d7c690b5112addea229e5308d47adda807501e929ab97cdaacc57c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143177 Malicious code in hapi-charon-prettier-plugin-markdown-aquarius (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7e7e91d4a997d8e612394d189efa0a0befcc5026cc5b99a3fe32f91a842b1a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144963 Malicious code in middleware-postcss-loader-vulcan-configstore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99d428e4a36316610a46ca531a7cf361eacd9cf94095b45764a4a3d1e7864ef4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140980 Malicious code in commitlint-equinox-antares-andromeda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf9f4821f0ee99f48562646d82f3f69fd8b7ec96aa2acfa28f0dfb34f662d098 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-139937 Malicious code in bellatrix-figures-mongodb-warp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f312e39cb7550f1523d4dd46a9a1d0e0df309952e4138b70ec6964f280b0f8f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146527 Malicious code in prettier-yaml-commitlint-kinetic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84197f8f3211ebef49ce9b3018f98351e783404d7aee0a1de774671d75066fa7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144761 Malicious code in mdx-colors-bunyan-bellatrix (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57ebdaf7ddd748565865373709f059db4eebe245bfba39889caf703a67e93af7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141655 Malicious code in docusaurus-apollo-procyon-yaml (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d68775694f1a02f061a9166189e1da1036c33dc0f57dd3bad87a9118563e46c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147808 Malicious code in selenium-nuxtjs-upgrade-prettier-stylelint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 964a1667e019874b43abb7713d4776387e56a594b698432319c188f692097c2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in winston-tethys-epimetheus-enif (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3796b6e0948a85433990e0bdf3e3701014a6a6b5ef4f750248adba4e27d670c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in titan-nashira-achernar-carpo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4483f30bf3af73574f51a767375f451474ab54c0ac90c82e2e69c9fcd2d14b62 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hapi-link-dotenv-registry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d7aff41ffcc47a9ce5cecc9896e60e7457b7563c695aa7759fd139e79d5032c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mocha-andromeda-castor-loopback (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 929e6cb843cb440dd09ec05cefcc35ae1d4ca70fdc73a2c735b543f582ccde8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ganymede-uglify-js-quark-dotenv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df50c36528c4a8e1bab4e35ccc450588e1ba30021f8c1a6b0fc5acae6fac685a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in phoebe-lyra-jovian-pegasus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4bc32ebc49eb4d0ea415043871829bf5692929f674c9417fe1b4e19bb5d15324 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in aldebaran-zenobia-package-blaze (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6d5bb8a735237ea7373c3f507ac04632de6eb775b54c59acde7690da38a86ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in atlas-duplex-astro-spectron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba777d8a797ecbd56772ba0ed6f122615394e758366f76afb97e132efb482194 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in promise-galaxy-express-css-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4d73f608b623f0b3a98949eacc4b35515f0f7ef184928ce7a965fbc14ebff47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eris-vuepress-aurora-local (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a79fee7f700347a0df6713b6a5c31af9087e78bf571b35e0dcfdb79460bc8a16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...