MAL-2025-146812 Malicious code in publish-schema-scorpius-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69853a39d7a0295572d26acde7950f2beaf45da49f5298625f19213d97277f94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143712 Malicious code in iota-bellatrix-husky-passport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2973f9118f939e46c373ee35b5c10d61a18a3c353d952bce4928a4ce858d4aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145729 Malicious code in oauth-eslint-event-levels (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 912e33dda74d1110c5a19a58e60ba349b4e47d20b5d79ea2ab9027ea4b4bacc7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140409 Malicious code in carina-eslint-plugin-async-mui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c48ce8ba7d435958b6830b6a8a7fe21a24780cd82d392645324548f91b988f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146415 Malicious code in postcss-loader-yakutsk-europa-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b3934a796437258dfb3b5a9dc6649a7c7e4471263fae908da9840c57120e65f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147681 Malicious code in sass-loader-package-sync-parcel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 213c0e72ea60961545ab67de0d5464389a77c618512fd25cfd5a60dca0a0660b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141443 Malicious code in dactyl-galaxy-quasar-uglify-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86057f9e811638ad1ceaecfbf45565c63cb2d6021f27fd1e67c878f87e002e19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141977 Malicious code in element-ui-pino-pretty-miranda-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b50277e8503056daf632dee3b6f8e95f0bd81b20434b0d5b3fdc14f87eeb96cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146229 Malicious code in pino-pretty-antares-wolf-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ff6395df5bc3336a6a4d7f56b89b2d327305c12579b282ae41a212ad7b8aa26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148046 Malicious code in socketio-buffer-version-luna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 517151a6ccede16b7c4c18188be61ff22d3349046b3dfe886953d1350134bc0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139598 Malicious code in ariel-umbra-ophiuchus-elektra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da9e86173ff0addab1cdf898e07c3c272dcd04dae661fe37aaf678f79b66f2a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143546 Malicious code in impulse-global-octans-jovian (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c0994ea4815ebd11f6226078d9a6c346e561085e6173eb701091797e4908a93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149631 Malicious code in xanthus-middleware-sadr-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09af82f20b7a6de853595819e0521d588df0f7565fbf974821cc4b6309e5b000 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141228 Malicious code in cressida-cygnus-commitlint-config-angular-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1141bebb30cede52e274e8085246ba2bf01af23cc1e83a43047a2bc8e1ad55d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146187 Malicious code in phoebe-webdriver-mocha-dotenv-safe-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4741cab512695c1c5578f08e6536747101c2e0fff2151fbfe86c9ec962f7f78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144580 Malicious code in luna-query-hyperion-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6703642c5e7790979d8f6356a5c1c0a8f05d50e01d7fc6bcf2962a0e0c9b2e92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148586 Malicious code in test-umbriel-postcss-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7653aca1f1686de272649e61e1bde312c3bf99f0ef8ab440834e77b4c521883a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142755 Malicious code in gacrux-chromedriver-cosmiconfig-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f882b9247107fb64a948c02c6d307448b291c19157e87e972e947643ece1623f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142791 Malicious code in galaxy-materialize-morgan-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01266a13930e2fd4fb31b7403bd93427563c148b3eeb6de69a97234b2cc97101 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145825 Malicious code in ophiuchus-kinetic-development-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7cead306982c4e53b259b7fe60ba0baf7a14b6ea52db778371e3b45751817ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...