MAL-2025-143639 Malicious code in inquirer-betelgeuse-perseus-centaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af856ce8424780e448bc2e4ae72c9e125282095bea8380baf39f32da29543d4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144588 Malicious code in luna-xenos-relay-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c975620d825a283af00eabd79645d08b0c38867f081c7fdc2039d5129aebced0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141505 Malicious code in deimos-sass-loader-quark-dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52a22eeaf7193178e07572505c50525a46448c1593b64c2716457af244a18411 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140090 Malicious code in bootes-sadr-epimetheus-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f7187ed92b4f0fa96ef7df782f26c59bcdeb9ee008077d0be627c6ee0307554 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143135 Malicious code in halley-dotenv-parse-variables-hermes-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6721a07f0aa63d30da176b4c3573e64f3b5986a4ed416aa41fa6596c124b83c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143896 Malicious code in javascript-yonder-mdx-cypress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a05bd12471c26111582fb880b7b86a83151e218c40d900842b30e9e5b6c8b84 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148243 Malicious code in sqlite-transform-luna-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb2e1c0baf148c725b306ad0cdbbc0621ad0c6b25c3f9486da86908af334f598 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143598 Malicious code in ini-polaris-levels-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b6dbc7245de0f6cf4378d92b3378c6253e0975faa4c370b06975f43e67a388f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148352 Malicious code in subscription-css-minimizer-webpack-plugin-carpo-lynx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4650e80b2c1aaee9d51649d798ab8b1dcd57d9d7758ab69e3f31252ae44e3485 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144477 Malicious code in lint-xo-ceres-mini-css-extract-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector daa7e2a9508eacc4043acfb139a17de0eaa316004f37d0113aea6b9de678ee44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141454 Malicious code in dactyl-schema-commitizen-xanadu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7746f3e8f99af9c8c47f87b8f62362e5608f4873351d72567cbf9894e781f07 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144761 Malicious code in mdx-colors-bunyan-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57ebdaf7ddd748565865373709f059db4eebe245bfba39889caf703a67e93af7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144505 Malicious code in loglevel-changelog-alphard-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65d395e043fecb51f3ae6e80dee7c17f2dd39951144372bae08fcb292c682706 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149142 Malicious code in version-mongoose-cors-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2279c51867e3bcfa98c896e4759ccbe31ff9fb080811277a35107fc44962b9d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148765 Malicious code in transform-json-react-bootstrap-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee56afed477b3208f399ace13da17ece3997d082d7f14dd42a008e1e2715e635 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145380 Malicious code in neptune-sirius-nova-chai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a425c2a2e2163355f23cd42636cdece7939ba05d368a64b535bedf1a4bf142ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142367 Malicious code in express-auth-registry-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec068853f97580dd89c495e698ab8c8a2106c601302c5315c4b5fd9a753ce00e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143310 Malicious code in hermes-configstore-eslint-plugin-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b3bdc04af03af34bd15360b61efcf854164c41b3154458686a6e8af98453a21 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143668 Malicious code in install-bellatrix-firebase-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8b752ffb2acce4c9001188ca2eabe54ec54f0e1d4c39be203e5b4cb7260b9c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146918 Malicious code in quark-aquarius-eslint-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef150bf2f6492d4b3a11aa781ebcc8b2feb63ab32cb4e23d322a78ac538fc77e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...