MAL-2025-143989 Malicious code in jsonp-blitz-cordelia-less-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e9a2d48029e6469105d9d04046b04f81c2e0c08dcaad383e50ec9eb573552b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145016 Malicious code in mira-polaris-forever-pino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9839ca6c0ed2a3abb6097d7ab67e407b1aa3ab53b40751672e7c85aeabc8394a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143735 Malicious code in iota-node-config-nconf-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 776028f8550df0eb3f0612e558293396e665b35add8f207b7c3b8636a9fe1b6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145086 Malicious code in mocha-levels-buffer-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 890c0cae9df9cd10d926ab284ed252cf1cc4bdfdceba6c2355a481aae5936c37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147306 Malicious code in request-react-bootstrap-eslint-config-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05c42231242daa33d49ae67eb469553c9f5a0e324dfcb03cf0c480f9ada6ca83 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145257 Malicious code in mysql-optimize-css-assets-webpack-plugin-castor-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 550ccf08e3abaf7c172df12d438802d720d26d8c19209ea20c654059b77bd0d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142842 Malicious code in gatsby-exec-foundation-gulp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08aaa4659fe961e104e5a69e278baf5b0518eb53c8882b3de7b2bee0c88b2e8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146376 Malicious code in polaris-weywot-ganymede-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 170d3e04ad289a69b3ceb68f5917088fd708a09b8b96f4ab8261e3123b32e2ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139264 Malicious code in airbnb-transform-apollo-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 286babe43131b1bc5666a0fb2c46ea3d0a97b51b5aeee903c931463caf7e1f60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kaus-bellatrix-async-astro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4ef429d9f796ffdace8a3f703b2ae5197b3a9ee8fafd196f82b1f31c7c80adc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in competent_krill_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3996122074b551d003f4ae780312aa8b69fa116ed2866785630d4311392eb7fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mahesa-empal4-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91525addfda8f1fd840ecb5031342c3bba614aa2166bc658c6373afafc86e8cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sinta-dradag51-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbc468f99f4845f9d1eef80e5961a45ee7be749f9c512af516df86ae6b372196 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zul-martabak64-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c95c072cc7213509f675809fcd1f05ec874c1187d5915db1dfefb718775dabf5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-138331 Malicious code in yucky_magpie_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b9fe148425095b4367aeff3abdeecfe8b4f36e60690b16bfe84a5281d3f4f37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-134946 Malicious code in kurnia-kue13-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdfd0fabe88b4f0ceebc5c255bcbf99835138107846aae37d087c194ba28a08d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-133344 Malicious code in fajar-bakwan73-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a474d1f624a861e4804be0809e0198f60dd41287b4c84b692df913f7739e80c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-135733 Malicious code in nana-kripik55-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d9a36f71564714a5e1d279bbc9570f3f7f6ddb7eb31f77e3f296235db24481a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-137547 Malicious code in umi-lontong7-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed11b62d302a5643770366c7d0d594a7ffb428acc23f98e84cba876eb6b72f86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-138012 Malicious code in weekly_cattle_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eead04368776fdc08b997d1854f977d54a0513d43012cc9224ebc42a8f32a5a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...