Malicious code in prettier-plugin-markdown-uninstall-jupiter-umbriel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 016a965ba834659af21a9a6e5d253b93b8c12b8879febe52cc900dcf8c2a290a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in umbra-optimize-css-assets-webpack-plugin-radiant-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c3a485ba71bf8141e3c611d37b28d38f948007f335340e0dd9e887ec7be1298 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in socketio-rollup-plugin-vuetify-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b25cfe748bbdae6caba66a493bc7b808107e36ada1c4f2a6279623281fcff361 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spectron-webdriver-galaxy-avior-repository (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 317bb9278d2a73a86218487b9450e0f1ae0dc5d4285a554b8aab31464d25d0f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in frontend-hydra-morgan-chromedriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2b963aa21771fb79afb2a1d90627a8185e9f4f8c71fc8ee3b0bdbd1516edec9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sass-loader-mongodb-elara-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7dacee0b3a1644a413676b09faabee48fa2c7fe4cf97c5d529b7d48e2e12965 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in toml-cross-env-private-ini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b88c2a543087cca637adc9f032af927567a7bb085fe36740081d91beae1d477a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in standard-callback-venus-magellan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c54afa4fcb2836ea95ffb5db003dc4c6f9a022be7b0b74462aacc150cf13c0f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in thuban-ganymede-sirius-bootes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc3e9ae9e62a1196b1a4ae777bc6ae0a4cd8e3f48f279f852f8802edfd651784 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spica-rocket-css-minimizer-webpack-plugin-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3da0c09aa3a47b37c6fa3e23aa49e0f10af52ec0d0925b725afbb6e89ba5d70b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141718 Malicious code in dotenv-parse-variables-dotenv-safe-algol-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdd4098cf7952532438e0fcee118c18ba0061965c413cfe88a091ffe48f76af8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146164 Malicious code in phoebe-morgan-install-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab149e6b00233a3917e702b778911be536e064049d6f4363b601405122a9e30e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147712 Malicious code in scorpius-publish-scripts-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81282aa28d9bccf123d240cee4bf111537ea0d82423e076ed8172e42b0f89210 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143561 Malicious code in indus-child-process-apollo-karma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 907068498ca83a4f322fa13c07e12119461db1ab2f93983dcb53f18a4a2279a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141853 Malicious code in eclipse-gulp-terser-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a7af3a81cf4b261052c0783fd16d57e1d48f64884ecc3521a0df8cebd25a555 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147807 Malicious code in selenium-module-non-blocking-postgres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21618fc4ab8833e077bca53b682ff77591bb0149adb8ef2c46b01844066d24d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140810 Malicious code in cli-sedna-xo-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea95c52ea49932e465b636027c985528b53c29b37dbe031de9640b0ba8b01cb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146214 Malicious code in pino-cypress-nova-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4314605ac8a292040082df3767736ead396067f88d0193a18f4a19f922f5119f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142871 Malicious code in geckodriver-lyra-terser-webpack-plugin-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 574c8f5ff036967a5e3b226fc20d99ae1fecf14ea93e18b4e9863c82e5c82e5d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147013 Malicious code in radiant-development-eslint-plugin-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 293c42ba0700755d809e0cffb5dd4eee0f25f2209932a17eabac567d484bb08f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...