Malicious code in cross-env-mongoose-juno-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4ed32850119f2ab08cc8fcad8533e7034e3c689822c26222db357b516b7554c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149855 Malicious code in zenith-mutation-enif-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 212e28b1fde526e80106961c1bd090110c3ea00225817c67a83323d30157c811 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145294 Malicious code in native-quito-venus-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22cd3182705b88c0e14381b43792c9118b4bafb5d433ada79eafddb31bd3afa5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143318 Malicious code in hermes-halley-semantic-release-rigel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43f4bf20a63aa1206c571e19342f1474a9c38e5a1ce3b738b8fa656461386a13 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145108 Malicious code in module-lint-rehype-optimize-css-assets-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2939b8efc57b0447f1e6a1c6ac30eb1b3c5f6a835d155211f5ef7e8a4b2a4009 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in csv-neptune-fetch-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb24c5d3b535a0b5cce2ce3b89a0d36c4c30e0fdd5322f5b0ca38d84d577bbdd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yildun-nova-leda-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f05ae0cdb022e3b71301a0323b96a75c7edd172085ff157e6da24b348969c13e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nextjs-ophiuchus-promise-umbriel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c187d34c2d44192758f3a3912218065e845cf8db834b7b605521524885b719aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mocha-hercules-auth0-weywot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c0a8d0cd21f821220e7b075d93263b825737c0f630c3efd8dc80a94ba767298 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mui-mysql-mysql-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 089dc09fc9fb3f57c1f9e78a954418a64a29db65194c700ebe3e78748d414fe5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightwatch-aldebaran-centaurus-oauth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 848c05467d4a74d0a113c3fa27e3891f6fe22ecb24978863656a14c2c6810b62 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in playwright-cors-bulma-mensa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fe1fa01ee2f04af77ce20ebd02184ddf94ed2d21d9d64f82efe3f412236a439 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146832 Malicious code in pulsar-gacrux-geckodriver-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abcfe120a273827ad98cab31f158c503440f5d7151db9b0197fc91b9452b268a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-flare-css-loader-pipe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 691bda64b8884a4f1061ba8baa4801188477d843430b4571326d701603b5b08c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140780 Malicious code in chromedriver-oauth-janus-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62791def0816e082916b2005bff9eba87cfce1a7b2c95e38f692ff526ac514aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145996 Malicious code in pavo-dotenv-safe-cosmos-cordelia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 716d370389a73f5f2d8bb1d652817fcd01c99cb04fdd4add1575b54b2c1d2d61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142640 Malicious code in fornax-mysql-bellatrix-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22bad8ead92b1bfb381b56cccc2105b1947b8cd2bdc46a1e6b12690cf923b0bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147076 Malicious code in readable-astro-npm-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c647e05dd037905883f77cef6440b9ac81382f0ede90b58ede2e43bfc6a99a88 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141735 Malicious code in dotenv-parse-variables-readable-dactyl-dorado (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb3fe8fba115d5787ca57c1183f16a661fb0dd62f372ba2f47737309bd8cd39b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141423 Malicious code in cz-conventional-changelog-kastra-rollup-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38e9525cff2d4f497c1e161782ad3e5478832085c188b7182639221632cc9fee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...