MAL-2025-139401 Malicious code in antares-cressida-astro-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a083a2e240bd569f359ce0153cdcd1078b75e23b0cb92a3fab70d2aabb5c2194 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139923 Malicious code in bellatrix-antares-halley-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7459668e9fdfe7e25259ab0a5378deeef5aab39f018a73af01ee396aa5f1f18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145339 Malicious code in nebula-dactyl-meissa-postgres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01fadf6c26d618a6dc56352d25d762925947927db5f5ea0134c63e3dbdf0bb2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145398 Malicious code in nestjs-local-less-titan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a585851bb7e48da08bdaa215566063a5c8743693cb1a4763381e603664cda19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143602 Malicious code in ini-query-bellatrix-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17868109012618c362d16e0753aafcde22ed72095743ee03fc5cd4f777ae66cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144127 Malicious code in kastra-pino-equinox-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eda6bdcbe3cbb6ef8ab1bfa09ae585d6cc0e53b722c68e483091d717214b52b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147476 Malicious code in rocket-phoebe-norma-mui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b96ee1261f193a70b7eb7bb78cefd12edeee6d534a331c98854f83aeddd3e8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142610 Malicious code in fornax-centauri-ceres-commitlint-config-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4292f5a1b31a9d321a2eb9d21512f8235d0431796f54ab26eaf817f2c15b8d92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149734 Malicious code in xml-relay-jupiter-ultra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c20d6a9cc34ca95f2b1723710465fc3398f80bd0aa4f0419a2f86ed70baae5e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146538 Malicious code in private-phoebe-package-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 982866fd39617ee1fce0dd6dd16c6ce9c1e10f05735ce609b8f0921d02c7995b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140097 Malicious code in bootstrap-auriga-sequelize-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a36dbb251825bacf1163d64cabe662dd85f1e372883e82e36a063c852a0a2de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148037 Malicious code in soap-taurus-alphard-await (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f1d5f090be809b21c5b50628f723d4f107765b7e01ff6e0a5a790938b79adaa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148493 Malicious code in telesto-enceladus-process-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c24364b2e6c5dc0894a47fbb319e1cb52083ba1222d56b868b57bff6f62ef7ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143195 Malicious code in hapi-pm2-event-element-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 859efae1d683341cf881810b9ed0373769cb7268a4055824235d2a45b7903f21 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147067 Malicious code in react-bootstrap-mongodb-phenomic-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a578d2d7e5537e4e062495c0e294002661cc51aeafcd9ea38025413e2c2c4dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147791 Malicious code in sedna-request-epimetheus-optimize-css-assets-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cfc4ec996afc99ef0c7286e1d678dabc38dbb28ae29ca34a2a35855556cca19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149383 Malicious code in webdriverio-sails-perseus-umbra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f54d6d3405988939147e15ad93363602512ac312efbbdb733e39a2f217639f2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145964 Malicious code in parcel-markdownlint-start-uglify-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4558d218085cbba3a719f0a8e2748b8af97f88eb3804a1948c42ee6ce42aa2a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142074 Malicious code in envconfig-halley-despina-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48934d339f8bef386426802ada777ff1e8a39e39111d761252b18c165fc55ccc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140729 Malicious code in charon-pegasus-jsonp-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82efbf0050b8e5d9394494a4d5e819a5bc550e287d785c51d7699688618a277f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...