Malicious code in atlas-duplex-astro-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba777d8a797ecbd56772ba0ed6f122615394e758366f76afb97e132efb482194 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141815 Malicious code in duplex-lyra-ganymede-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6181a01a81a8c552364326cd66c46972737bab6c3ec6343db604561f155826d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141036 Malicious code in config-proxima-duplex-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd0d5e9cb5983b4c6c0b159ad8e6bd1605cfbb77d5568ccef57bc450516295bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dotenv-umbra-duplex-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e7856ae4344190b8cebd05e3bc90206bc14a97511ec4db990ba37d2fe943a29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124827

Malicious code in mocha-reveal-md-nextjs-duplex npm...

EUVD-2025-113240

Malicious code in geckodriver-magellan-csv-duplex npm...

EUVD-2025-112525

Malicious code in ini-duplex-mini-css-extract-plugin-stream npm...

EUVD-2025-115318

Malicious code in cli-cluster-duplex-eslint-config npm...

EUVD-2025-114287

Malicious code in duplex-winston-loop-hyperion npm...

Malicious code in ini-duplex-mini-css-extract-plugin-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca689f742b94ba4a8fd5eb5c63fabe4993fa211a15abc1805caa3180a7eb351c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in duplex-winston-loop-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74a43e2d71c5eae6cd6f7c189f43194e31c47478b8fe2987a3495d58736c1caa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-121632

Malicious code in stop-duplex-cz-conventional-changelog-quark npm...

EUVD-2025-122276

Malicious code in sails-duplex-postgres-geckodriver npm...

MAL-2025-149369 Malicious code in webdriverio-fornax-duplex-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d6c6c69309a6e97ba9068bd9dc84fc3a380e219ae32e32a0cd777771a2bc12a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113447

Malicious code in foundation-aether-fornax-duplex npm...

EUVD-2025-114305

Malicious code in duplex-browserify-magellan-fork npm...

EUVD-2025-120493

Malicious code in weywot-enif-bulma-duplex npm...

EUVD-2025-120477

Malicious code in wezen-duplex-cypress-nightwatch npm...

EUVD-2025-114294

Malicious code in duplex-lyra-ganymede-mysql npm...

EUVD-2025-115893

Malicious code in bulma-duplex-sails-blaze npm...