MAL-2025-142937 Malicious code in global-hyperion-antd-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5f0e0f4384ae36dc74db8016717d9057b0289fb591be45f44f0efa7bd87c0e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148689 Malicious code in titan-oberon-restart-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80f54b199c3e81770e49604610ad75bea2f44c7dac5b78f4cb3c6f6a4ce64a36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149676 Malicious code in xenos-framework-semantic-release-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bcfb6a70cc74a7a285327bc1e80fd2bde9efb27de6de8ace88cbb4fd7376aa0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148504 Malicious code in telesto-wasat-delphinus-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d373f25443472306bbaa7c1c008aeb2ca0702fd3c6c0c553dde5ca707aefffb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143327 Malicious code in hermes-spica-taurus-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cea1b431aa27cb794f183d676334d065bb20c5a5aa85ada442e41a3e2d0837ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144274 Malicious code in leda-jabbah-exec-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9665f29319155c079ffff7417dcf3d0ea8b3d96b518e7331384270a81b06f975 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141548 Malicious code in deneb-markdownlint-venus-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9072afaa134e1e2a0c8fd4b490cba7e97b3f7cd3d0a7707a1d0e64a8aca1f89e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144083 Malicious code in jwt-publish-hermes-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faed0d9ac5f74a79bcc66d9aaa67b60d041eebe36f6287a5dd01a2cc9ff9c830 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145182 Malicious code in morgan-middleware-readable-electron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d83e46db58fd9bd18da1085d4ff7c25ac4241e50381e402abc794cdcfbee38cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141914 Malicious code in electron-forever-cypress-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6bec960c5d2c7b30446df4bb08b2972ef4d36ff312d03c3c4bce4b033e08d25 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144902 Malicious code in meteor-chalk-csrf-sagitta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0aba9b08ce2f5a603c22c08ef31c975f98a0baaed6e08c137c3888d64fac1c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in event-nightwatch-stop-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 344a8f3d8e3297fc8cc6ab9afcbfb139ccb0c4598a5bb32b378d352d81064bb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141452 Malicious code in dactyl-rate-limiter-janus-spica (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06fcdc160229f75ffd32cdde8f930e032a5f93e05005ed6ff121763b51a827da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149619 Malicious code in xanthus-build-development-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a806dd95a5e6b3269527ab019eececbf5dbde8ce953c2f0a04ea6db7460bb15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in winston-yildun-less-loader-dactyl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a69a769cca21c2b2a2a822e2da066c9daed6de27648e615f57d6c614b2376b8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-webpack-plugin-non-blocking-gemini-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c690b3a4a77471e0179fcf51a1162f00ed5621bc5863c4189f2d879b998ad165 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139687 Malicious code in auriga-remark-carina-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d619960298efd7b0c006a1c7b634137ff153ebb4843daa952880dc79c3f0efe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149281 Malicious code in wasat-buffer-karma-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab517f07a17bafd85f8d3108a9ecec9aabd164231fb17393495b08a4f786a465 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147234 Malicious code in release-it-release-it-semantic-ui-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7cd1c8bcdbc0ec6726484d622ff13395ffdefd0f82bf15de112474aae255b8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147932 Malicious code in shelljs-warp-mongoose-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6018cc36beddcfdf04b6db21a67f004b60c11db09ff11b6a4015d3b06e4f15f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...