Malicious code in framework-magellan-mocha-lynx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 134d8b8ad0a608d770da2b282ea99ddaa6fcb5459a7eea6743382b9852548bb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdownlint-prettier-stylelint-impulse-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ad1196d1bea592e2c0a9af35cec261779a44ca6248ecb86efe0670193f7323b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nashira-xo-concurrently-slides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fd92af27014b5e0dbf1da31c636abf1d7e77a763f716e5439bda1534aafef88 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in phoebe-spectron-halley-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6609c06d440e2b17c22a87b2aced1df5a798c2dfea152333b4a5a15c25eabc53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in inquirer-child-process-concurrently-despina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b2ddeddc56db997eedb9376c2bac0b0f00122edec437a41fa5927cb0001e8e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147432 Malicious code in rigel-less-lint-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0250b17d1e824b9261142e2ef10bcd989d933f1fe55d49cfd55a9fc7ff406bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146408 Malicious code in postcss-loader-scorpius-centaurus-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffd95c0b4860dbb6693adebb4eb4bee696b2d9c115cda25ee2ee39158905c40a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139251 Malicious code in airbnb-chariklo-elara-phenomic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cac66982265c4f2d61202648e76580f5db3c11392d6a416f61414a7233a5bb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145682 Malicious code in npm-lynx-neptune-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e9a2f3ccf8561ae5ef11cea90c1d6d69d8c9f8f26902b42b97ec2fd14f7689 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149477 Malicious code in winston-antd-corvus-scorpius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abedf822a8547ae8ecf50d68853589a4cc4cb7fbee11665ad0ab235d5085f9f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143125 Malicious code in gulp-webdriver-mocha-yildun-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 204e94d6ea198d5df1a1fbf2ba5bba87ce888ae2859eb0febdbd54e436e7238c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148692 Malicious code in titan-quantum-unuk-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2442a3f0060056ceb4fb323c6c2eba78b7c4abb16e5826b0c5a13a0f9bd413da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148591 Malicious code in testcafe-css-loader-uglify-js-tailwindcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b040a662f7e8b05e1b6d1cf3784fc142e5ab38537763c5ba7fe1b304a1f7eaaa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nodejs-framework-taurus-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ca5c47a0b91aef35c306426d598941c157a29b968536ca1515fea6acd250949 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141735 Malicious code in dotenv-parse-variables-readable-dactyl-dorado (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb3fe8fba115d5787ca57c1183f16a661fb0dd62f372ba2f47737309bd8cd39b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142589 Malicious code in fork-gulp-bellatrix-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6373b65f6de2f3650a7c758c470a6c57c3364116da0f1ed56b7c095fbcdc50c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142077 Malicious code in envconfig-loglevel-odin-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b321c45b81b732779a0e076155f3dfa0b59bf86d2bd3064660daeb735949ccd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147042 Malicious code in rate-limiter-loop-npm-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06092420b8957a0da75aae83861ae673c840b2bcfa86993780d030e2509e0261 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139472 Malicious code in apex-aldebaran-sass-loader-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df72001cfaa988d92bc5c2ea746cea8608e30c4aff68bfb47d95a8ecd76cd633 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140772 Malicious code in chromedriver-foundation-ophiuchus-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 734cc0e1a4fdbcbaa4277defdafd1411ff42c898978cefc6ce410b296ec7f58d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...