MAL-2025-142242 Malicious code in eslint-plugin-spectron-csv-aether (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4186d0899623ecf21329b54ac8cfb81a5c3d55ce143400e9dbe0088a6262051d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140828 Malicious code in cluster-ignite-ganymede-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14437d0aefae1e385cdcb8120bc09283f513bed896c77b0dbe800c278ed0f2d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141901 Malicious code in electron-builder-galaxy-xo-pavo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 983d68e18af0c9e813a4c53e6575cb1fd6bb2c75a355ca8f5aafe8afad1b2344 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141826 Malicious code in dynamo-express-quito-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1490d923716f91683e1e1336297f9c34d2a2418731c1d1116174716d05c11cbe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143318 Malicious code in hermes-halley-semantic-release-rigel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43f4bf20a63aa1206c571e19342f1474a9c38e5a1ce3b738b8fa656461386a13 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143702 Malicious code in io-node-config-rate-limiter-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 930c2a4eb6c0a881eb361c86511cd96aead7d8a166d8915012d34c8a2e936537 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140263 Malicious code in cache-auth0-ceres-yildun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fef0aceae319d91d9ce1a3007bdbf7f467f94b6911605406bf858258ecc79e92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147169 Malicious code in rehype-galaxy-hydra-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae515cabdd377dc8f6e72c0e9f506b2e5ea246dca2b7ee74d12443ed287d875f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143238 Malicious code in helios-procyon-acamar-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b1c78fe3d841cbc1ffd9d974980201998e5adecf1b4254977630cd35006ef5c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142972 Malicious code in google-typeorm-public-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fe46e17bb922cf6b54c730f90d58ae9d373c147fc77bc4648addb1455e4fa59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140523 Malicious code in centauri-achernar-xo-mui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a12a3d9edd9de56818674de53b88391cd2453fe22b06576d063f3b92e289a5b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147076 Malicious code in readable-astro-npm-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c647e05dd037905883f77cef6440b9ac81382f0ede90b58ede2e43bfc6a99a88 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139595 Malicious code in ariel-postgres-ariel-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52581d417bf9190a23944e8bbf136ab50f5700f8a2f7caf39cf0c15bc94043ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142436 Malicious code in fetch-celeste-link-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecd7a1846ff262e5c7b508f4b84abf81c837205c5ccd7d9dc7f3b32ee0d35ea0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140750 Malicious code in child-process-lint-staged-less-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f62ba95efd3f3ef97d0e9b721dde58dd83c79c4eac6b6f8b08e9fb792462089a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145417 Malicious code in nextjs-iota-hercules-regulus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 645cceb630baacf494c208f488e2350a32af0532843877e7e691528a0e4a3949 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147917 Malicious code in shelljs-jabbah-prettier-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18bddb61334ea6ea4f7e9292f748f24c0720d8c767b4577db5696e9b37bf0c91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142159 Malicious code in eridanus-wezen-module-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db08aa8da6ac73487e2363d886d20ce680b382956c29cd219ffbbe067a61d4d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147416 Malicious code in reveal-md-mdx-geckodriver-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1e66a65f7c92871312341129ec9fa61d291bde4e1563ac61a81dac4d5fb3e7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146406 Malicious code in postcss-loader-quito-iota-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ff2bf6dc026adfb7fcf087d65584c298b75dd1842c5baff878381350cd0ad5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...