MAL-2025-147437 Malicious code in rigel-npm-husky-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4121d03d3d7344a67a6387fb32c258d9a8f98720a9c72f0c3078d499a9a5baa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141895 Malicious code in electron-builder-aldebaran-betelgeuse-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 549f931c6a986c413378aa543184df78de854ec169ccb0a68ffb6399b50edb49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149039 Malicious code in ursa-andromeda-avior-nestjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a92b9cdb554417f4a121dc2e38d5188925f4ffd5d976110e975aac9951bb27b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139459 Malicious code in antd-loglevel-sagitta-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74998325ae8c37749976304017144b18be96fb00d74ce19a8051c1a358bb1af7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143712 Malicious code in iota-bellatrix-husky-passport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2973f9118f939e46c373ee35b5c10d61a18a3c353d952bce4928a4ce858d4aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141100 Malicious code in cordelia-kastra-mui-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db9153be71dd128015064d23635b4510d601f804fe1986f5a7a8af04062f75c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144278 Malicious code in leda-koa-dotenv-safe-atlas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 808c73d9e9f389030423bb79948118805a5bdf318cf7822ce009acc6fb93fa32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140030 Malicious code in blaze-release-it-cross-env-yakutsk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 035760773f3f844c226c558569ddd03e46481efc0be79bcfc58a3adea2384f53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148046 Malicious code in socketio-buffer-version-luna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 517151a6ccede16b7c4c18188be61ff22d3349046b3dfe886953d1350134bc0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141782 Malicious code in dotenv-safe-wezen-loop-restart (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dfbd1335926adf07b4842df69761df017e389eb233b6ad9b629bb51f25ea4f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139995 Malicious code in betelgeuse-octans-venus-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33571f015c46e84fa6fba8638064826f599bbdff229f5ad4a15ad7405eddb455 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149662 Malicious code in xenon-shelljs-chariklo-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbbac76d56e5ea533334cf5a8cd66bbd396bc572f97cf384097f8a2e9f791d69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149005 Malicious code in upgrade-celeste-subscription-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1564bb9d0715008853e1d1e6481753b878a80830a3c8fca82c3f2ed71aeb9355 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146816 Malicious code in publish-start-mui-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c753e9b5f17f02656f2a537db53ead0d5f94e89644dc3b25a18ad0035a7845b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146415 Malicious code in postcss-loader-yakutsk-europa-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b3934a796437258dfb3b5a9dc6649a7c7e4471263fae908da9840c57120e65f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149655 Malicious code in xenon-oberon-semantic-release-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0928c9c81d167db71db3f299e5566b1a13b3aee1d5842453431229e9ecbcf7b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146872 Malicious code in pyxis-config-eslint-plugin-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9039999becb8512da6baec8c9a9785c430ce5c276938dacaed4906dcbcde51d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149127 Malicious code in venus-vuetify-regulus-stop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52e17cee68eb004e87c9a313b67a9f1a16ca7cd3689e90a42632fe0a3b8157b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rough_wildebeest_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19108e27330f7983ea1c58606bfe8b88286db86f41acf90b79117985b4756a1f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139137 Malicious code in excited_silverfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af86dbd8d335bb7ab0960cc1ceac104618c08690daaa5868155958023662b55c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...