MAL-2025-147843 Malicious code in semantic-ui-convict-centaurus-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 177cb7690e3257e51d0d35be4fdaf3f3035da7d9eb4de02ddd3373e58cb79f5c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141901 Malicious code in electron-builder-galaxy-xo-pavo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 983d68e18af0c9e813a4c53e6575cb1fd6bb2c75a355ca8f5aafe8afad1b2344 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140320 Malicious code in callback-vega-ganymede-yildun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dba68ef1ecbe1a9f3230f0d417d74740cde111180171008aa80948ac046ba77a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146354 Malicious code in polaris-mdx-pulsar-transport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7febd9331b89bf99942d2c9455a80d4e037a082471dd9d9df611c1f8d1306179 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147137 Malicious code in registry-zenith-redis-elara (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c3548f1d4c8fe3a799f8b4223195ae7594aa056e62b63f20ee05bea9627c9df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139447 Malicious code in antares-vuetify-nightmare-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb05e72399b628edf6a0b1f2964386424efab1b44c0b544971072d2594867b78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148722 Malicious code in toml-transform-colors-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91d70cd2849f53b4ee927dbd5ce6124dc606282f9efcab3a38d79e9435a06b6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141816 Malicious code in duplex-octans-proxima-aether (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63b3bf319b92e4a0abaaa40adf046cf088a33ab1547bfe298f363a01dbf049a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139524 Malicious code in apollo-quasar-hermes-dactyl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 652e2d076c3ee69316f7b51ec59ecd9c44accaccb4af2c046cfab5c66c5133e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139983 Malicious code in betelgeuse-hapi-dynamo-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41a35da202899a19f4d2770c7c1cd9956c0a0b82316c6be52a6712a1fbfb1568 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149433 Malicious code in weywot-callback-native-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acf6401f2882339b208ef56c16338a6c47a298491ac9626bfcaf7d028652236f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148227 Malicious code in sqlite-ganymede-jovian-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e769bd671055035cea71893fdb0a3a7e4aa2012e5d37a9d0e0f609d74b13e81 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139660 Malicious code in atlas-terser-uglify-js-solis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72bca524c147bbb2c84bb99e0bf53400154dfe38d61b8b5fe6311f40c3c42645 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145695 Malicious code in nuxtjs-astro-dotenv-toml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 361f069c8f34b46d870c8a13f9857e804499b8f943a16c7ba015da58b6adddfe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142218 Malicious code in eslint-fomalhaut-lint-staged-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb105ce95665918097d4d61401177afe8ca59a34d9f9753e8c40e94ae07b8d54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140016 Malicious code in betelgeuse-xanadu-deimos-loopback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7f44508c82652976c4e53f82e197081f45973be86a711dab05db353c389cbfb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143110 Malicious code in gulp-await-antares-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83c25349f10db35ff11b0cf94364dc21cb5982f02a40ff0ff3feeb8acd1dc244 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146920 Malicious code in quark-capella-canopus-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b4536fcb69a0fe5307fda036394faf6d0557525327bea93c51233687e630a93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144934 Malicious code in meteor-sedna-markdownlint-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b24b23272bb9a9b6fe57ada512032b74918ee0417d5834f858230c532e1bc667 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148234 Malicious code in sqlite-orbit-xenos-heka (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c86265633b4b5b2fd5f73dca2afde3e2809e8e36c6b6783188ef1057a4bb075 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...