MAL-2025-143250 Malicious code in helmet-deimos-enceladus-atlas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c6e531a39369437b0527d81e78bfd05af9e42257dbe3cfc838ba5a7f11ebb2e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141387 Malicious code in cygnus-umbriel-inquirer-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c0bf2ab43841e4c62581daea5b6a0f8e07b10b3a8a9717077ae93295ea710f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147243 Malicious code in remark-castor-ophiuchus-lynx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9974665bae787c95a53b225627dbad7b63f5036dde9ea0330b70f1b73b5aa9b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146425 Malicious code in postcss-xanadu-test-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 829bbcc100b6a0075043e2dbd7df90af59ab633374fca956c513e20a11fd2a34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144291 Malicious code in leda-rollup-mongodb-heka (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e8e055ded6c374433931709e21ef5dbbc32dd336f2b829628a9a9e900854e5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140409 Malicious code in carina-eslint-plugin-async-mui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c48ce8ba7d435958b6830b6a8a7fe21a24780cd82d392645324548f91b988f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139618 Malicious code in astro-test-corvus-impulse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6382e0cad627d040444c87f7effe7c6a89f01da98d9d02c5251e2f3881960d02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143053 Malicious code in grunt-astro-geckodriver-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d1be0f2bf539ff1222567468e6365afcb79ff15bd5b2b4407cf0121b5d75024 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143274 Malicious code in hercules-ceres-jest-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 968504ba2b4fd0f91b0925a1a6f37f0f562d4535dd22ce439ac50ad7e2326765 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141772 Malicious code in dotenv-safe-protractor-bellatrix-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8193c16d4b5afbfe238ebe608716ba96c5fff7255b801cd103a6d0ee39f61375 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148589 Malicious code in testcafe-centaurus-europa-parcel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63cba83b8eaa4158a54bf908f388a4b53f35a21124e1a87f75a2f4834c212ab8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147145 Malicious code in regulus-electron-builder-toml-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb363ff17fae4c8c782d0db9a96bc1aa2a403f59fa362575ea111d739766e891 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145053 Malicious code in miranda-repository-adonis-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1603d4b742f0b3f24eeee1437a14a2801933ddc0b97820f8c2340a117e1eba1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148963 Malicious code in uninstall-octans-procyon-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 974400de422e2a3fb0d03cf40d45a0476bca83b458b272e5638ed90165ed00e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140703 Malicious code in chariklo-mini-css-extract-plugin-rollup-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4885d904321f1e54289c15c6b9924e8d678610816b44065f535762c4433516f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144583 Malicious code in luna-spectron-webdriver-miranda-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93e4122b6e302ce6fed13782e4725c133775ac1f71e3474a36b3669158be714c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140673 Malicious code in changelog-library-morgan-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55450bda6649eced55284a2e5cb1d17294f7d951afd2040f864d9af5c7287948 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139598 Malicious code in ariel-umbra-ophiuchus-elektra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da9e86173ff0addab1cdf898e07c3c272dcd04dae661fe37aaf678f79b66f2a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148317 Malicious code in stream-ganymede-semantic-ui-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8d2d21c2aba42884dc74a9306d2b5780925eac3e6e9fbc5db65bb2e22d780c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144160 Malicious code in kaus-vuetify-deneb-octans (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fefb79e2456ee39eaac3f8098f9bab91b03aae22ed83bb9fa8faf7cff8769ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...