Malicious code in hugo-tethys-mini-css-extract-plugin-ceres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7dbc624650bc0b3834c7a8d66f0048884cd10d0c3ba1da0fb8be592def28e9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140030 Malicious code in blaze-release-it-cross-env-yakutsk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 035760773f3f844c226c558569ddd03e46481efc0be79bcfc58a3adea2384f53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in config-sails-repository-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ef22d2e7c169092869951d0002a750ed5d23a4793af0396d7f0f5460b51b67f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140088 Malicious code in bootes-postgres-module-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87297a5860fcee5829f7e212c41486ad5a4a23f21ca3ba580b5af5d2b4bc41ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144608 Malicious code in lyra-grus-csv-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e23074145049a720e304aacae238b9e6e91e6e85a207ebbd06a7a074a4f7fa95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146425 Malicious code in postcss-xanadu-test-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 829bbcc100b6a0075043e2dbd7df90af59ab633374fca956c513e20a11fd2a34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142461 Malicious code in fetch-virgo-pegasus-phoenix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccd32cdf50e098d0e2c2077c240e4daeb39d7defafc0a8c6f4ddebe06fe32de8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141895 Malicious code in electron-builder-aldebaran-betelgeuse-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 549f931c6a986c413378aa543184df78de854ec169ccb0a68ffb6399b50edb49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146458 Malicious code in prettier-bootes-foundation-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a53c7346225795dac3b7360459040503656b008241b0ce31c45b2c4c8d522653 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149571 Malicious code in writable-karma-kronos-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdb358fc9ebea40fbbf076585b22fed306191058ee9233a9abe101fbc18c1da8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145863 Malicious code in optimize-css-assets-webpack-plugin-lacerta-non-blocking-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cdea074e797e07531aac19bbe4149f751c9f8ad088ce2a74553c007a9852be1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149662 Malicious code in xenon-shelljs-chariklo-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbbac76d56e5ea533334cf5a8cd66bbd396bc572f97cf384097f8a2e9f791d69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144278 Malicious code in leda-koa-dotenv-safe-atlas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 808c73d9e9f389030423bb79948118805a5bdf318cf7822ce009acc6fb93fa32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142025 Malicious code in enceladus-cz-conventional-changelog-slides-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89c0b08346bf9c56d0ce926bc8bcbe0c8fba7e8a52964cc09a4318f02e8cf27c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141809 Malicious code in duplex-galaxy-postgres-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e258dc5e9b5fb277fc19f420f2898fcc42e171ed175cd5bb214e6b80bea57e01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143270 Malicious code in hercules-async-sync-less-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f21f8a0f0f8ee952f1f94ae7f00fe9bfb27f25ebb131b50774004ecec744eb08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fusion-flare-mensa-enceladus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67cb283c5e1df3af407d2bf58256597fec083f923747006d84c54fb6f2b16d8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in grus-magellan-typeorm-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f18449376b83609646a9b250f76f59430fe7e04389cbc080054e433d67a80a32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147777 Malicious code in sedna-mongoose-mdx-taurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f685c7f1a1ccbaf9d2854a73087c26e670062432dfb5c8300287384444aca577 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140388 Malicious code in capella-got-norma-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 378a90563bb59c066009d1f716b8397f7a9794d238c740fa8209ae523f935e56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...