MAL-2025-142159 Malicious code in eridanus-wezen-module-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db08aa8da6ac73487e2363d886d20ce680b382956c29cd219ffbbe067a61d4d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139903 Malicious code in barnard-commitlint-hermes-enceladus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c8004b6ca73f38ad76ad7c7d80bf57deecfafcba1ecb618d13d4776d066d13e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148166 Malicious code in spica-lint-solis-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e0bc74a9bf11f5ae9f2d2951d34d018a956cf3d25f4ddd5b84f47c2335f0a77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149477 Malicious code in winston-antd-corvus-scorpius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abedf822a8547ae8ecf50d68853589a4cc4cb7fbee11665ad0ab235d5085f9f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149200 Malicious code in vuepress-rollup-plugin-bootes-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 459bba9d11d9ac0d287ffc425c6ef388ffc1edc035bb30a831d617d5e190d4ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140326 Malicious code in callisto-cli-galaxy-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bf556bcb08436ef6833d0ed35cb9b7b1780cbd5bea5d5949a951f74bd975cfc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140044 Malicious code in blitz-enceladus-ophiuchus-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 367e5ffad151138012cb4919f2290fdc248dd5eafaccc502f6fd5d421ba0c35f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139654 Malicious code in atlas-radiant-equinox-spectron-webdriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd2fb112ba89498f5c0a6d7095268cbecbe8befee373f618f8e4f0bcec6af2e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139472 Malicious code in apex-aldebaran-sass-loader-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df72001cfaa988d92bc5c2ea746cea8608e30c4aff68bfb47d95a8ecd76cd633 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143815 Malicious code in janus-lynx-nebula-astro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c58283b03b07b8dc5e0e6a679d5e9ea4d0b397a111371b7e52f2647e692d785 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140101 Malicious code in bootstrap-enceladus-readable-mongoose (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0f2dd45bca27f657cb02778a1560a63a6131cd19629224718b710dddaa1f7ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141536 Malicious code in deneb-celeste-grus-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f133612cb4622a9ff368b70b9d7c1d3a32e82cb081c81b65846dc2f0327e20e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139271 Malicious code in aldebaran-charon-pegasus-heka (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 808b7e01fc3390efda5a9efa37e7d1917a9fbe55cd61b8a33611ec40ce69b373 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144370 Malicious code in library-betelgeuse-yonder-scorpius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40d464d999af81bcaceefdd858dd914d406dc75800c99c9aaf27487492862826 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142252 Malicious code in eslint-testcafe-readable-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb8ee62a61e56cdffe10f030dcf9491a98d3219334ff1c007935f2c37dad4045 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146121 Malicious code in perseus-triton-query-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3fe942855422456b2b094db1bd45bdae5ec15bfecb41962f6257d1a0d834689 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143044 Malicious code in gridsome-hapi-comet-jovian (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8cd3cac8edaa9ec5304601d2065302dc6a788f5a38d89ce31ff3053d2f348b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wasat-public-commitlint-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86828810b79ed18283b0b316575834d8a621b042d5abb7821c65806ffd04bc77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142589 Malicious code in fork-gulp-bellatrix-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6373b65f6de2f3650a7c758c470a6c57c3364116da0f1ed56b7c095fbcdc50c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145869 Malicious code in optimize-css-assets-webpack-plugin-regulus-vulcan-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c07d2b8b61c7ab9e326b8192138231dad82b035a739b9196b7f208ca7b97637f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...