MAL-2025-188374 Malicious code in nuxtjs-ionosphere-parsec-cosmology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fc3f9da4423ef958a565eaf87c9128d968bf1ebf01edc912b405a408b76df87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189584 Malicious code in solarnebula-browserify-lightyear-nextjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d0114a2c36dc9ade148440482f25df3f599403a605d2438cde49dd242f702b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186991 Malicious code in firebase-indus-biogeochemistry-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd2f7d463efef4ff5f61869e121b0565321a7327a631f0dec3c6b17ce11bace4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187965 Malicious code in meissa-avior-singularity-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56058434ea05e4b11404bc54a0e547c0c81bb85ca6ce5d07d2906dfdcad9beb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189129 Malicious code in registry-quark-barnard-cross-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8be35985da5091690aa56f84416af345aa641a6b98c78446a0a03f371a4176d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188879 Malicious code in prosthetics-leda-mantle-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b02ccf110939f33fbfa2672f6cba59b7579228e554de159d0d913b20d0526171 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187739 Malicious code in leda-pm2-lacerta-speleology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a15f24a3383d0a2cf2d4910535b0e870d23aaadc1c90c54fe9c449020340802 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187927 Malicious code in markdown-multiverse-vuepress-geoarchaeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc4389cbd599d8b51ef8b9f455d0dff2181aa051854625dd0c231e3d4c364cb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189528 Malicious code in slides-convict-husky-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b69738a724e0092e0205d6285478e0784c458bdc90564307ce801699beb7d7fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189820 Malicious code in tau-mu-good-beta-kappa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ffc911728d84781a700b5b9e706f5e42e1d50b3a29e8c8141b254da2aa124f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geochemistry-izar-farout-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c732107926c21e3fdbe7b6bf70d3a4004926edf48f6407d538a08324f8500fca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in await-tree-cat-omega-authenticate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5df03d42eced0fee0ab57f86188cc77eee4e2e2c0abb3e6adb7cc5d80692950 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hadron-postgres-phylogenetics-loop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f7efecbc67236e9f7c84f6a8aae55425b28b28775927173eba1a0a284193afa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in puppeteer-geckodriver-redshift-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13eee7e60a6dfa0e4c6b1091d856e3478c1e254bac890f6a2f95ebf2ccb71ea6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zenobia-quantum-yakutsk-superflare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5b7a0791f6b5f95dccbeba085fd172ab4e21e61722e6d0b80572279f26615b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in acamar-comet-flare-robotics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df4fa443fc219b32a649b7258c7128b38d90c7010b81b9625f2459c8b43d2a4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gemini-hercules-orbit-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fe0e579d0dafada0cd5327982bc2a2ff526ee05793971d21670cb99531d451e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in resolvers-auth0-version-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af4e728e0527b6001c2f08d20b3cfd6a79fcd5d20e77ca00cd55be6186710444 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in array-upsilon-decrypt-container-object (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d6f1b2f78f3859c8fbba7480af773e3a640b776964115dd51de4ac13b754554 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spawn-webpack-nightwatch-slides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 318806806d481ef740dd17c622bc164b94a295e29a9282fc7c00d3951dfeaee0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...