MAL-2025-146713 Malicious code in proxima-eslint-plugin-xanadu-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79e1bff0b2371c9718a62b45c8b461c87c10eace4b9cd803171ec8c16ce0a8aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148037 Malicious code in soap-taurus-alphard-await (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f1d5f090be809b21c5b50628f723d4f107765b7e01ff6e0a5a790938b79adaa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139783 Malicious code in avior-rollup-stop-zephyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9edddc936cb28966c53e967414bf4652f3bff127a82fc2a0f7328beca98b0b00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141165 Malicious code in corvus-puppeteer-eslint-config-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a339ee93474eeaf05bb0ccc6e79ce00d741a53f99c8a1e41fed151288239494 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141764 Malicious code in dotenv-safe-non-blocking-bellatrix-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23f3a0f41e22eeffe8e03617d54458f2fef81c61cb1d871598a3c4f76542fc27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145222 Malicious code in mutation-foundation-mocha-cosmos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4504dd92274555fec52a11e4209f610f222ddd78d1a95312070a220335e6d8d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145796 Malicious code in odin-janus-procyon-xenos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b384e902e971c3bf77f1e3356c7b21237e48b31e6707cb7d609e0efa6b0fef53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143195 Malicious code in hapi-pm2-event-element-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 859efae1d683341cf881810b9ed0373769cb7268a4055824235d2a45b7903f21 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147384 Malicious code in restart-loop-quito-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce3b08b626c1b721e934cc6da12eada881e281233c8d27a95f2ee119e8031a5b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140700 Malicious code in chariklo-inquirer-draco-juno (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d298f0a4427a242bbd1c9209d460665100b4d41a1f01efeb885855ed86107ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142610 Malicious code in fornax-centauri-ceres-commitlint-config-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4292f5a1b31a9d321a2eb9d21512f8235d0431796f54ab26eaf817f2c15b8d92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144806 Malicious code in meissa-fornax-ini-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 635fe853f926b64f3ffe8ed1be352a1c5361633308b5d473efc4932804483edf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146327 Malicious code in polaris-cache-geckodriver-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4aabbeb70ac312a861cee080d883f38c47e8b66b9d9798c90eda84e2aad74baa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144363 Malicious code in levels-spectron-webdriver-callisto-babel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73f588c6a8a810d94b41a205dab476989bbd997b1a75838b16e70916cce569fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141667 Malicious code in docusaurus-hyperion-postcss-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfc5c61627e6280aedbdb49c22147e97245479a467b4b4bea6b57a4b6531be14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141285 Malicious code in csrf-html-webpack-plugin-postgres-webdriver-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0af2b65af5d61317084f768e05e83372d68c492ba3973262f0486b6fd8717364 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148493 Malicious code in telesto-enceladus-process-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c24364b2e6c5dc0894a47fbb319e1cb52083ba1222d56b868b57bff6f62ef7ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148712 Malicious code in toml-hyperion-meissa-kinetic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c2f18b7a7dd6a2b41c7c3ab074d80a3cb83d5aefed647bd05a8a3ab4c1dddf6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147129 Malicious code in registry-gacrux-heka-yonder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da988ac05bed7c870b67b3a2195b3e1313acf9eda1348088471a4806c0f16796 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139796 Malicious code in await-dactyl-flare-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0997e94e577b4a4ff7fc6f45c2326910b7e2834f4394205bbbd2358585a5f584 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...