MAL-2025-146910 Malicious code in quantum-mysql-schema-materialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa1540831b0f95580f1e8db066bb4dfe5d00d24bd0b84256d15212a601e95c79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148144 Malicious code in spectron-webdriver-uglify-js-figures-auriga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8789b9b82d67312a6f4a4b617e59e05f8880864510defc0e5ca8981f30aa0dbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148820 Malicious code in triton-mira-regulus-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42b1011fe9a27cb0c75ca7c8104767156628e1213a93bbbc953d3b2d7b7214a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144762 Malicious code in mdx-comet-vortex-karma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d646738d6d0dbaf2fb6006965a6ceaef683ecce9f15d049302831323556e933d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147806 Malicious code in selenium-mensa-xo-axios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35fecc8fad9cbba384f0222c2b9cbf21220083ecd5a1a258e3cd02eae7a83b57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147717 Malicious code in scorpius-thuban-algol-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 172742d80e37714777ceda6aa00d46d9e5c6c0f16d5f31980d3bde53a76abd44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145027 Malicious code in miranda-css-minimizer-webpack-plugin-soap-ora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a78c804487392c81ec4c5b2f22f56c86ca956fd102a26974d8adf7ade602ba8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140491 Malicious code in castor-ophiuchus-socketio-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89628c22eecadb0e3a72e314b6f2162c8d82153b70aa48aa99188ce9a8832469 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148878 Malicious code in uglify-js-quantum-vuepress-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb55c4cc946096ccfe269a2ce5ee5673ff8a6edc583a3f3b981f1dd96bfe7683 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148375 Malicious code in superagent-castor-mongoose-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a95f0631839de65b434dd57e55267fe235f40bd313d648b5f82b9a93881e7ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146565 Malicious code in process-radiant-frontend-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ae85598099fed261ece31e21b8ded0a3b2032ef48793745a4f6db01c8c0470b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141904 Malicious code in electron-builder-gulp-tailwindcss-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a4d4a8408f67e5a389dcd3135098f6df1df0ac6758257dd344820cfdfe824b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142925 Malicious code in global-babel-sagitta-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 280ac52a25aeeb1b2e6c9f3a4a230c3844f59f27bfdf1b084f24285bbc370d42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141394 Malicious code in cypress-chakra-ui-umbriel-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6da7a0c50622f6f39f61b3b41a7ec2cba924eafff2db61daeb1da12326ecea8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142589 Malicious code in fork-gulp-bellatrix-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6373b65f6de2f3650a7c758c470a6c57c3364116da0f1ed56b7c095fbcdc50c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148392 Malicious code in supervisor-hyperion-elektra-yonder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b5db0db05fb5d54652dfc6ef8f14eb7198b85498ccd575cdf38a4587083e295 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144154 Malicious code in kaus-sagitta-less-zephyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49566d59a215e380c5de900c5825465d3fe8d859d586318e920d733797bb320e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139903 Malicious code in barnard-commitlint-hermes-enceladus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c8004b6ca73f38ad76ad7c7d80bf57deecfafcba1ecb618d13d4776d066d13e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zephyr-semantic-ui-mysql-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63e57d11c4d7901d16ef26e405850611d2f59d8153b151f725245de49008bea7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in global-babel-sagitta-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 280ac52a25aeeb1b2e6c9f3a4a230c3844f59f27bfdf1b084f24285bbc370d42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...