MAL-2025-146481 Malicious code in prettier-plugin-markdown-eslint-config-middleware-optimize-css-assets-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 426eee1ab89dd01a3adcd9ec2406476a79aeb502c22ae7e6c8fd4fe9d4124d2e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147909 Malicious code in shelljs-bootes-regulus-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bea1d60a341ee060fd308c857d380e387103b67657fcb6ba02d846cc3f73d1ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146792 Malicious code in publish-local-typeorm-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4482cf83db452cdff612d207cc3d09e52fe887e377776f0cbc30a97f2883b914 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139837 Malicious code in axios-protractor-loglevel-warp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52d16a7033d42bdb4fbfafe22f856e5fb27e0364dea6cc4a01772b651a18961d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141716 Malicious code in dotenv-parse-variables-deneb-lyra-repository (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d12ee9ff99eacf328cdcd425a35bd5f6511ae844d95df269fd45b8a33b65be7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139315 Malicious code in alphard-altair-jupiter-stop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfb92c5e4220e85a5166f8dd8864e3cf2ef13901c30cca040dca1b12763f4c91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139271 Malicious code in aldebaran-charon-pegasus-heka (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 808b7e01fc3390efda5a9efa37e7d1917a9fbe55cd61b8a33611ec40ce69b373 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148553 Malicious code in terser-webpack-plugin-impulse-inquirer-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d74331383fd71651f9cdb11492c213881425ef996a503ea374ee428fd199ffd5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146019 Malicious code in pegasus-callback-build-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa451bc61732e3800480939f0e2c59aacea12ed0549347ad33424411dbe39b55 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142252 Malicious code in eslint-testcafe-readable-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb8ee62a61e56cdffe10f030dcf9491a98d3219334ff1c007935f2c37dad4045 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146509 Malicious code in prettier-stylelint-mensa-xerxes-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 225c1374c819766205cfe8f29d8b4bd86003f72a5708873e823e071659d5fe7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148289 Malicious code in stop-chakra-ui-html-webpack-plugin-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24a04beb1d94e9aa6142f6535b0c0dcc3320aaeb6a53e45353f3211d6f345730 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140512 Malicious code in celeste-loop-nightwatch-centaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8831623cd3ce919a2e1cf64530b543fce464aaf11766e4316e23d373c57b103b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144139 Malicious code in kaus-cluster-superagent-slidev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e520fa894f85dcf5047f8f11da6df83734d4f0e4807024182938c2148739a349 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139812 Malicious code in await-venus-oauth-deneb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12768900fb6531d21a6c7d38c5d1cdbfe8e4317e241ff500685713b38f7aafe2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144440 Malicious code in lint-ini-carpo-aldebaran (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 710073126339c59eb7484057356e51e3da9dc45a7611ec43e102dada5d735dcf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145813 Malicious code in ophiuchus-duplex-koa-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 026985088b076b41d3553a135400fe4e6195e5a076210af526056f647ef5ba1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142843 Malicious code in gatsby-fork-soap-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b73e7a65de6af65020a1c45f76329317657d4f7569beaffbfa56f0471cd8adbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148669 Malicious code in titan-adonis-nestjs-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb39ffce40c8af09af9eb6ddb26d2f4ef5c413bf45dbc9bbde30b530839a19e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139623 Malicious code in async-development-jovian-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51464621a81af6bcff023d345004235362af76b61b06c3f4b8d0b27d4975dc4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...