MAL-2025-185931 Malicious code in build-perseus-repository-asteroid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27053231811897d728e75138a8e6197e848557505ca26f8741717e627d78716b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in primatology-chromedriver-vortex-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52a6155584522545296ca4bffd3b3c453ee4f2c118bb59f9dcaba2fe89aa7438 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in resolvers-auth0-version-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af4e728e0527b6001c2f08d20b3cfd6a79fcd5d20e77ca00cd55be6186710444 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in registry-firebase-bunyan-prettier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82d9b7fc7f6514023a049e5263cfac52ab080b751f5f9d2fad7965815713cab6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in native-gacrux-antares-phoenix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb581562590879071b9edffbb930548ea09b003f0c607354deac206ded34fcbe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185462 Malicious code in antares-aurora-mocha-corvus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 889355acffa58cb18b880f4ddd5e587f1056c8f5bbdccc545b03da310c4e347c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189752 Malicious code in supercluster-vortex-blackhole-ultra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a840cb750914a2d75e4627c09a5d65fdf3f78ccd08344dfc9f366053fad4d11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185427 Malicious code in algol-apollo-dotenv-parse-variables-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5dbf3d57217d8a8fb345de059ba274eff8da19e26b131ff5780683b2ec9c167 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188065 Malicious code in miranda-borealis-nova-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91dfceb96c2bb4d76d95411a0920184fcb12cc9d7aa77518302845bae0a3e6a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186991 Malicious code in firebase-indus-biogeochemistry-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd2f7d463efef4ff5f61869e121b0565321a7327a631f0dec3c6b17ce11bace4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187927 Malicious code in markdown-multiverse-vuepress-geoarchaeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc4389cbd599d8b51ef8b9f455d0dff2181aa051854625dd0c231e3d4c364cb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187919 Malicious code in mantle-galaxy-vuetify-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27d095cf3f4227e38f0e854fa3861543aa352678e355ebee87d347cda3e374fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186188 Malicious code in cluster-tool-quasarjet-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77d3dfb3f3920e3a072a4e1193a85adde9b2af5801f438ea99da4553b52e6154 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189029 Malicious code in quasar-capella-bootstrap-kastra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0bc1b439777658c1074981b53aaec6921f57e4b6f74d04257402b16d4c5734a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185650 Malicious code in auriga-parcel-soap-nashira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbe5b1c35448ad73eef103c3a367ab3cbf211d6af7d8138c9531cad4d079c357 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in update-dorado-farout-draco (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5519ec1d8838352fb2dfff226a2121434fb340e7e6267d41cad435072182acc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186398 Malicious code in cryonics-publish-dactyl-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8e8225eeaac0b8916a2b89b7dcf39e7988138e6e430c4f6a4730306f251bdfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189884 Malicious code in test-meissa-stream-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e201ad4797f6c1d0adc706095b06d260333b5a1677e61717564549f492ee379a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186587 Malicious code in dione-kastra-public-react-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94e45af73e65c8bb69b8936ef251a668c188721bb919947f8884f6ae981cf02f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186193 Malicious code in code-code-old-reject-cat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c899170e707048f7a4cca5c47d5b69c5e973289a723f30a8f0ca015ae5d82005 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...