MAL-2025-147580 Malicious code in sagitta-await-nightwatch-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 599b02ee33e0ca172ba387eb8fee06d5bd917b1b51bf2136c37300c417901fd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147390 Malicious code in restart-protractor-auriga-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd6c74e5d8b67a20911a113bf65794db83dff4dbdd74a3b2a604963ae5a756e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147842 Malicious code in semantic-ui-concurrently-enceladus-toml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e9348abe7dceafcbea1bb3601475a31350792e0fcf6ac6edef9d9fbc27f3268 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148137 Malicious code in spectron-webdriver-process-yonder-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2343a8b6a2e8295b3328b4128cf6c6b8baa22c2f0554a20601126bb4be94ec50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139209 Malicious code in adonis-barnard-commitlint-config-angular-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0e30834aa54b97707b8f7c9bde05d8df1b16e3072c88cc6cd8726db3cc519bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142159 Malicious code in eridanus-wezen-module-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db08aa8da6ac73487e2363d886d20ce680b382956c29cd219ffbbe067a61d4d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140772 Malicious code in chromedriver-foundation-ophiuchus-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 734cc0e1a4fdbcbaa4277defdafd1411ff42c898978cefc6ce410b296ec7f58d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142869 Malicious code in geckodriver-jabbah-middleware-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65e6d36ee6c729052ef5490e2ccbb9ea74a486340678f9672debe78bee3bee48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140681 Malicious code in changelog-rollup-proxima-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbce01fe12dee0ad06db12fcd44184e7a2fa4e4ae51be17a138168babedebe9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144343 Malicious code in less-protractor-nebula-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9408abe13d23077284ee2775377bab10375093115e0c5e9a2cc15760187cd65d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146121 Malicious code in perseus-triton-query-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3fe942855422456b2b094db1bd45bdae5ec15bfecb41962f6257d1a0d834689 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142804 Malicious code in ganymede-impulse-dotenv-parse-variables-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 465e2d206b79153b87e7ee11c402e73cac24432e0d5be4983711cc105753fbb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144109 Malicious code in karma-gridsome-backend-hydra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 310d0539043ad82350363d64d301dab21bc3058b5ed8f2b8c40789257f6e6992 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146687 Malicious code in protractor-hyperion-soap-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc172a6e98714542897ff86e8b096def8bd773c0f7a8b2d9a6dde31dba23d298 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141680 Malicious code in docusaurus-taurus-ursa-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6412a38780f9ef1235e40c5e9de72c1cafe180f43887db2c96e49230dbe5767f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142955 Malicious code in global-zenith-cz-conventional-changelog-reveal-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d454667d1ae0a2ebaa313b1acd30a240be2d84ff229ca8b7064608303dd4530 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140857 Malicious code in colors-ophiuchus-apex-lynx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fac9084cf98ce4dda9f94e9b7e0f33074d12f8aef60576e6d3e1ae09d9903fb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139803 Malicious code in await-nodemon-odin-draco (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b1c280ebb78f95f75f7f5f4315f0c75b4ddf9e6e621e4b08db6a03b5496aef6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142975 Malicious code in got-aurora-altair-atlas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63d68a0461ad4916502c60d7cd2211f6b03c381ea1d81803a7a2a11aeaddc820 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148814 Malicious code in triton-duplex-jsonp-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ce8f1f8bdfbe0eb7305e787e364b8d48060c5e8fd599c5b5eb38830676c7fe5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...