MAL-2025-147858 Malicious code in semantic-ui-tool-fornax-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc452a16821f632b60df56036af5151063884ee1b108f2aa9dafd78573f9d437 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148031 Malicious code in soap-postcss-kaus-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1a9cf6fe05acdb7591a3ba704a2acfa5bf5787d9da06b4e57b260154da4174 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141177 Malicious code in cosmiconfig-cressida-style-loader-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94271e0ad39049b5652876cee88d242361da4605c8f8899fd662c77483075950 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148784 Malicious code in transport-docusaurus-markdown-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71956465a4a6b68fe33a350a15f7ba73656070132aa30b36b370922f7dd325ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142975 Malicious code in got-aurora-altair-atlas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63d68a0461ad4916502c60d7cd2211f6b03c381ea1d81803a7a2a11aeaddc820 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149673 Malicious code in xenos-airbnb-quito-cypress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d69b73f1b84b812f228d10db72c89f610a6d993790e55508b9dfa9e24ee52e9c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fork-cordelia-gacrux-titan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d5df5ef2b61b37688c2f55bd46a28cf1c268628a6e43f3c21b47bcd8b8596d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139837 Malicious code in axios-protractor-loglevel-warp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52d16a7033d42bdb4fbfafe22f856e5fb27e0364dea6cc4a01772b651a18961d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149762 Malicious code in yakutsk-chai-css-minimizer-webpack-plugin-mutation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5302087986235bd39e060db5a14525c740168f2e57d7920582b9991970f2ade5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142426 Malicious code in farout-sync-regulus-node-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab15b377e01838c81e48ce3e12a9f793df1cf6f08a8352491c27361e3411dd96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141693 Malicious code in dorado-module-centauri-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dc48c5da0d6de22d1a878291edfa6b66e1ba73e9a36bab77ba8939963d3e8cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148144 Malicious code in spectron-webdriver-uglify-js-figures-auriga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8789b9b82d67312a6f4a4b617e59e05f8880864510defc0e5ca8981f30aa0dbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144281 Malicious code in leda-miranda-oberon-capella (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 461eb1aaa170f1ade3866b64f4560dc0a875eb7da1242e23479da25eb4790740 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147042 Malicious code in rate-limiter-loop-npm-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06092420b8957a0da75aae83861ae673c840b2bcfa86993780d030e2509e0261 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146687 Malicious code in protractor-hyperion-soap-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc172a6e98714542897ff86e8b096def8bd773c0f7a8b2d9a6dde31dba23d298 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in halley-markdown-pdf-terser-webpack-plugin-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c8f8e6d03c3daf00589833a3797e608a89883125a45d9cff367282e9f6585f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wolf-loglevel-hyperion-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c07215dd570a9f1ba91bae4165f316f59f121eedcd225aef447a190551ca6cbe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rollup-plugin-solis-nashira-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e063306d0ace405b4675d9737c8065008de10a8d47a009069e48b9c53f1b196f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xerxes-node-sass-mira-capella (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e5c0088d5c750f8fab1a2dc599d682e4ffebe0cebbc23360f042a0267bb5031 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wolf-antares-uninstall-impulse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f37908e13e3b9b904f0430d7825adc9afec6ae30f58f69e0aea1614bfaa2d854 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...