MAL-2025-143238 Malicious code in helios-procyon-acamar-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b1c78fe3d841cbc1ffd9d974980201998e5adecf1b4254977630cd35006ef5c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146571 Malicious code in process-spinner-node-config-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10975cf9d208a454c4ec8cf4c7efbfe081c6fb8ff9695c78c35d806391226c26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144219 Malicious code in kronos-grunt-sadr-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a77e858e6d1a107decdeeaae11b5f3cac7d091cbd8cf3627ffeb3de7918adf8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145157 Malicious code in mongoose-jovian-prompts-bootes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adfc21902cbbe288d44e67e91822e196ee14eb461970003305eba5225b5ceffc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145108 Malicious code in module-lint-rehype-optimize-css-assets-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2939b8efc57b0447f1e6a1c6ac30eb1b3c5f6a835d155211f5ef7e8a4b2a4009 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143210 Malicious code in heka-ophiuchus-cache-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04a88089822f8c73b5b0395551f87a7a085394fb6497c4c9d5cc2a81edb29f61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145241 Malicious code in mysql-comet-alphard-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a005d0955df6e4e93cf6262bb033d9c63b11a8dc4ea15c3d2b0c59d7f6791f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143511 Malicious code in ignite-cosmos-nova-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bdddf260c4fdc700866bb9a9454dc8bb26b7025a28c621db874b244adb44c16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149691 Malicious code in xenos-thuban-resolvers-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50c87583f813bf3b289010d2d1fe63c705d1c7b1a54fd57decd0f17f40b0c5d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146437 Malicious code in postgres-iota-testcafe-chakra-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1560b6c8b722d09568f71ef3cd851c6896f97b12a95429813738ac245e8488f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148971 Malicious code in uninstall-sync-apex-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 189409f4dc200c6e26d27168dc6d08f0262204ea0a085b6a5af402e6a94c250d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144851 Malicious code in mensa-foundation-apex-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ee5be0fc327e8e38982be98ae04183db050f3f4b08c7cc0af9727c9c2239019 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140223 Malicious code in bulma-package-karma-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1eed95e027be6b3d93e60a805a8b140da2fefc31d366385a1db9dce3da622d56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149213 Malicious code in vuetify-loop-convict-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93f0e13049c0859e3dadf910abbac1dcaf26e8a326d775432d744e45fd8da3de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141837 Malicious code in dynamo-sequelize-hermes-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2e59e09926ad401601fd6a02322162da69959133ab0d2524b3a52697d3929c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145294 Malicious code in native-quito-venus-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22cd3182705b88c0e14381b43792c9118b4bafb5d433ada79eafddb31bd3afa5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146790 Malicious code in publish-jekyll-miranda-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6feeb4b563ffc117fcba1336c759485b16a38dba134d42144cfb8a11dfde6d47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147163 Malicious code in rehype-auth0-superagent-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e0608a928572c4b7bfb6946da1d1256c1306c074a7c2dfc451c142f079b1e49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146151 Malicious code in phoebe-fusion-soap-stop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d22f0820b09c7cdfefb0d7d118c8e8b2ecae5f922d629da09c23570bbd6543da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140350 Malicious code in callisto-redis-miranda-uglify-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50c808404c1516eceae69b46eb674ec8d4ebd16b9fa71aaa80df85e7aced834f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...