MAL-2025-139868 Malicious code in babel-pegasus-xml-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c99cfe63d56d39e7c66715a4797bb30032ba8dd6254bdf514d52cf979e3706c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149189 Malicious code in vortex-postcss-loader-auriga-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d10ce1ac30588bafdfef6bef36489e659c355f7c931e391a7ccbe7e2dd3712a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139785 Malicious code in avior-semantic-release-prettier-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad1bee846b0039c60e0e0057b6c29b031b648b21ebbe632243dafe96452cfc5b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147038 Malicious code in rate-limiter-google-halley-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4386b673d0345f9098810f5fc8d9358c549432be9c1f07dc0a24c3c44911e963 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in start-husky-nightwatch-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20316704e355b8f90ebd7ca6957fb6a2bac05276f95761d8281561f3a11757a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in telesto-zephyr-cache-vuetify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33571405bfa84576d662602f2683b141983534b474d08b251713f2786dc45183 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in charon-mongodb-webdriver-manager-comet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 719507e78d4a240a81ff2a2584debd3766c64620848ed3e73343cdecb3c0d3ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-magellan-cosmiconfig-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 894871c32dec81809809ea575078f376ee66a5c707755a567776c6915122c4e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142325 Malicious code in event-spica-gridsome-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6f0c6290eac850e1d6c4cb0fc81023c3fbee17e9f5b5395d1c16f9dc4ec4e83 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147040 Malicious code in rate-limiter-inquirer-helmet-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33dd4cddc96896d40ee6f3f9c64cf7de5a2e37e3997f009d4fcc5ee329ee3491 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141889 Malicious code in elara-style-loader-comet-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ab4c1c4efa7b3926279345b2e9565aada7886b972c1b9b8ce7413517ab3c5ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139641 Malicious code in atlas-callback-xenos-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aa94b81da2f4a6f4e376f64baa173570ef405d5befe2d774868143eacb0c594 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143561 Malicious code in indus-child-process-apollo-karma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 907068498ca83a4f322fa13c07e12119461db1ab2f93983dcb53f18a4a2279a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147712 Malicious code in scorpius-publish-scripts-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81282aa28d9bccf123d240cee4bf111537ea0d82423e076ed8172e42b0f89210 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142563 Malicious code in forever-barnard-style-loader-scorpius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73f68bdb51fd979c6a46b6e31460a22991df841e08029da5c687d6fbef3a4e92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144095 Malicious code in karma-build-sass-loader-kastra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a0a1706c5747b57ad2a3fafbe469c5561cf6c547799ef10865bda8f35e773b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145404 Malicious code in nestjs-sass-loader-pegasus-kastra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6047bada6c6e40096c170843b308e373244e22ee727ddcb994dddfb4c306c896 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145686 Malicious code in npm-norma-remark-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e12b4a51a9bd51375eb46efadb9d9a3ed0b9a9efa29da69be155f816c9b3e347 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141371 Malicious code in cygnus-jupiter-markdown-pdf-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7edb7d85694a3c456255640009a7fe882ffd52efbc00bf4ee4c78c1d16712c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144176 Malicious code in kinetic-lint-staged-commitlint-config-angular-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb0ccf783d99e2f174768c7a2d194db3957b6b4005ac8c4e3b73a310d979249d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...