MAL-2025-187925 Malicious code in markdown-electron-europa-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da241035c8c6043578692ac4ee05dd47f6b4d6d0a9301ddc80f8497055acb487 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189624 Malicious code in spica-oberon-sirius-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2795c1c908cdc462362e80d9776884cf1160dc014dbfb2f9820f5ac940eb6813 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190021 Malicious code in typeorm-xanthus-solis-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bb5168a960f3e3d393108ebcfe184344358d5a5de8bd0ebd27903e2f4fc0ccc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187375 Malicious code in html-webpack-plugin-multiverse-proteomics-blackhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f04dd975db833fdc723e01450c24356d92668375df821a448e8323c02bf11fd6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185480 Malicious code in antd-style-loader-miranda-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd3f4f91bb59bd776abbd17036b4b81e568e06959ffa1d211ed85c33a064cedf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187198 Malicious code in got-cosmicweb-canopus-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b583c4c57856c012b65646066ece5cffd3db1a2c3206c475e5c74ad3d81bd04 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185457 Malicious code in andromeda-webpack-nodejs-sadr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1d388bde9d4e260b9a344967865578a95635996ada4aee337f32116385eb627 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187175 Malicious code in global-apollo-dysonswarm-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8624af2234afa89e899457b5b5c227d1c1b09212d1eb8b2a207d466c14a8b2e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in error-signal-minify-zero-index (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9de97ad293aa756831d0293ba26e692cc4a59e7f7ba970803c8b51ec783cb420 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-weywot-typeorm-regulus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84754f42b17c1cbcb703d768e1ec6285f9130fe174ec09e50b1b5838c78f7cca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in config-event-install-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53b410cef5e278f40d1683c3c77135d349c9f67e0537b356d77f55cbd71a3c50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in easy-parse-async-xi-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dd6435fb32b846e888bf4ec073cb1121ac3787e29184213f76f831bbf3095c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-cache-neptune-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dcced428586d5c658c6d06f02558e785120656560c9a4da656ba00cfb75734c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in child-process-concurrently-chakra-ui-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66acf8a52ab5f47e31e87daa88e9ccc679f3580c46543cd05ee50741b3f97448 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in orbit-luna-indus-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ed9d865a656c770e023fe92f67cb64974da1cbe3fb0141834bfffd8c86df97b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188373 Malicious code in nuxtjs-hugo-karma-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79556a4b1006c3aa3f897ef9fccba95b8e8d674b5863c91df3f26f4e762b507a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188345 Malicious code in notify-beta-tree-mock-minify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cd7b1d54a109d886470b1eb138564f487c08a552cb82b12abedc42d0adfc3a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188371 Malicious code in nuxtjs-fomalhaut-postcss-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b3531082acc33005105cb670ecb9ad95d910561eb968cd85dccd4a71b29b32d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189035 Malicious code in quasarjet-cluster-ionosphere-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0335cb0d12622e1f9f0076cdcad521feb0e990280876f4d6ac17052fb3f76185 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190407 Malicious code in xo-koa-metalsmith-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4bc93d08c628e258a21edbc1a71b39f0d152d7a6764acf3855fe0a3c44f76f60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...