MAL-2025-146419 Malicious code in postcss-procyon-xanadu-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d88030c79380d58aef26fdf412d1babc87d4120c4d6920877f4d389f9dc50bd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146008 Malicious code in pavo-registry-sass-loader-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2f61238fa21b5f97c0b5d267d86f8ed1bb47f8660f3e7420aeef43de1cf3251 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146211 Malicious code in pino-config-equinox-mui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17aa811e4bc28823c81687216a6cfb9113a64add17518fd01d8bd0704f69b3e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149795 Malicious code in yaml-meissa-metalsmith-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4813c135c90f9f7d46aa55e10b0dc894ba8db0b83c98c60e70abb69347031ba1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139868 Malicious code in babel-pegasus-xml-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c99cfe63d56d39e7c66715a4797bb30032ba8dd6254bdf514d52cf979e3706c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139641 Malicious code in atlas-callback-xenos-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aa94b81da2f4a6f4e376f64baa173570ef405d5befe2d774868143eacb0c594 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143814 Malicious code in janus-jekyll-parcel-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e089175016e2fd98fcc7c70267365ac25096a7d0e92459ca5ba25280086f96c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148711 Malicious code in toml-hexo-xml-capella (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c816af0f803870e47672c841645b4a3a9fe5a554904a699390f8a94b5555ba9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147038 Malicious code in rate-limiter-google-halley-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4386b673d0345f9098810f5fc8d9358c549432be9c1f07dc0a24c3c44911e963 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148691 Malicious code in titan-polaris-wolf-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9cd593eb7cd0784d0722fc9a9b4d17c974690e19d815b6ecb4f18d1ba7ba392 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139785 Malicious code in avior-semantic-release-prettier-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad1bee846b0039c60e0e0057b6c29b031b648b21ebbe632243dafe96452cfc5b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145938 Malicious code in package-luna-prettier-plugin-markdown-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b75efe02b19ff9ec70cbd27c5dc3b7ff7f2efe7c12ee542ff0ba4d8f933f0cf7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148669 Malicious code in titan-adonis-nestjs-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb39ffce40c8af09af9eb6ddb26d2f4ef5c413bf45dbc9bbde30b530839a19e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147821 Malicious code in semantic-release-backend-scripts-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe3df3fc402b54693afaf15ba26eee4688a1020285588b66a7cf0e0431a7f767 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144466 Malicious code in lint-staged-start-electron-builder-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5e73ecafc9499e1568b2977d0dd9f18f353acbc15330cf67c197d36a5ffec75 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141432 Malicious code in cz-conventional-changelog-request-axios-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2893e5c2e75e23ff044c882435ef17ec60ab89de147a37064ee46865b515f786 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148694 Malicious code in titan-tailwindcss-koa-transport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffc07afb489f3fefb44ee960e27915b773a85eca1cca9ffa50c5c027d2283e02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144450 Malicious code in lint-staged-dactyl-optimize-css-assets-webpack-plugin-less (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90fedf4b2f7d5f9c62ab838cb326ef31ed83b2bf95b02afbcdea9f615c976407 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146007 Malicious code in pavo-process-socketio-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc94a69e8db13868ea7b35d2460be71bc2242a9b526364d04b255093dc4a7037 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143826 Malicious code in janus-phoebe-frontend-configstore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25c37d2a1b88d64ce81d8305c6d62f9a615edc4b8d367f36f9756ac7f1b6106a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...