MAL-2025-188755 Malicious code in plutology-sass-loader-mongoose-extremophile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5143ce37789b72ee505bcbf926f1c3450ee28736cce04aeca84e1eb9010bbbe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188490 Malicious code in package-changelog-css-loader-slidev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf183518eb8813f78ae38737637f90dad98dce465ad977d4ef42935ed1a8da7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189960 Malicious code in tool-webdriver-mocha-prettier-axios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0202e0c6d5116df45f3fbcb466f9f4469417db5a0a3a8c2d51725d491a76e674 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188178 Malicious code in native-electron-builder-nashira-tachyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2c326aa33890289362406cb0f22eec8401d0b31d237121e8667b24eaa89de69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190317 Malicious code in whitedwarf-fomalhaut-nodemon-pipe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 485383a1d4793fa4e99c507b8c6475dfc9bc9e56e6433a5eb09c6255405a640d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185618 Malicious code in async-eta-try-balance-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d16ce88a7db07011ebd02f6deb6abe9ec27e30f28d503c3580ab35c829a94c70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186514 Malicious code in deimos-concurrently-outercore-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ffa621761675fd2e3ec7b468f01d71eee4ac950beb2e51f7e89d5533a0a6b4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186129 Malicious code in chariklo-perseus-chalk-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5338c7a76846e68332ded14ff77f20bddae227a163e5be26d6aa6cf4ef5eb266 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188264 Malicious code in nextjs-html-webpack-plugin-express-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3221eb423eac0b572d326e1984f49231a18c9d5791b59c0f4a62fa33add06e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188372 Malicious code in nuxtjs-heka-google-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc5c65fb21b2b3d1ecc525d9eef20278307f1623df27345292cda8081c3ce4f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185695 Malicious code in await-jwt-vuetify-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd21812b96907664c208aee1e22aaf7d46e2eaf9437d6f4a0c8a6f0731f689fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188033 Malicious code in meteor-spectron-webdriver-ignite-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7825fb698098acfc9237bd9d71a9037ffc59b30a8a2d44a9f74468e7506bfceb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187075 Malicious code in futurology-fermiparadox-parsec-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7932b00db63a52a64e991976f6b489776b42c5b992ba035510f6778c3fcd33c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189797 Malicious code in tachyon-asthenosphere-less-loader-dagda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f21c3181d7e1225e94cf6ec96aac89e6b7e7832996548331008eb289be9aa746 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187781 Malicious code in library-nebula-rest-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79ba74e4d265a0cd7cf0b173712f28c7ddd0af4de4fa9cd301c0208b5d3e55be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185463 Malicious code in antares-bunyan-apollo-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2c64bc39e1aa26b38456721f22e94693806377129dbac49a767a3dbeb61f372 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186619 Malicious code in dotenv-parse-variables-public-cosmiconfig-zenobia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9e2cf5e995e7be6217368c91ec8ecf853022838cc7a763cbcc73d49e0c23b00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190029 Malicious code in uglify-zeta-tree-delta-runtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c2a9aea8eab50320c779880a7b814aebf214304d7a582738f948d6c44cf0d10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190355 Malicious code in xanthus-dotenv-safe-markdownlint-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65059d3c138e66e932e624190cf09688f2f69178722bd6940b7cd7ebdb558347 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189238 Malicious code in rigel-miranda-cache-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f24d18ebd38c79524545d193434c68697eb21e47a21abb2e7f108ae969d00566 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...