MAL-2025-188258 Malicious code in new-optimize-async-spy-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64b1c7a23fc78fcdeadaf377309af5ca61840ff7fca1e1debb675390e587536c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187908 Malicious code in magnetar-eridanus-middleware-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ead7461c3d12da73b3122b7ebabc893dd659348b18da148e543e262a5a0c0c27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188224 Malicious code in neptune-morgan-pyxis-australis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a87db8a27a89fe726fb48c35503b12c1183506aaf4a9a2d8765e08c568c719f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190029 Malicious code in uglify-zeta-tree-delta-runtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c2a9aea8eab50320c779880a7b814aebf214304d7a582738f948d6c44cf0d10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleoclimatology-draco-backend-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdaa0bdc30656057f5e04b2da3574851ff0ee47c443373d7c23e7650c44b40a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hermes-dactyl-canopus-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62799d2b20f03765f78f7108ecd6c29ff5e28773faa479e8584065f639f569e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186679 Malicious code in eclipse-levels-lynx-nanotechnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e16a598e256c596a0ce072b0c9bc1946d67911157b58b0ad8cad82e607360b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in galaxy-blueshift-astrometry-quantumfoam (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11c73a4c693491673fc8c94de7e4e6149530af1635a4e9230317c4fbb26d2a08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in relay-neutrino-procyon-stratigraphy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18b46d1421bf767e864fb70e46a380881c11baaf943274c94aeff70da06d51a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187388 Malicious code in hugo-unuk-leda-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 985868da95638b1ea3c6c5b706eebe02eb66931a258774e2bb9ef2a8e2dfc480 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188907 Malicious code in proxima-auth0-eventhoriz-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb2a9000c0dcd71777429c94f047ebcee589fc4ce406ca7328171c5d2f75b2a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185685 Malicious code in avior-ganymede-backend-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a4711152c4083ccdb19747bdc390909e2dd6d6c64e5f7d82894ecc60e1fad7e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jovian-development-meissa-configstore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 368fd919ca26defdbec74d1137345199e4f402a0faa4c12e098c42d47af0bd7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in easy-serialize-omicron-mu-assert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69139970a915ceb4235e38acc7b982f8685dd4a844c2ea07bc4144d8a42be7b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186726 Malicious code in emulate-tau-grep-resolve-decompress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 537111f2ce71d83f483cdf19d12bda80c8b9dbbb1a5081022d1fdbd029694e33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190485 Malicious code in zooarchaeology-darkmatter-higgs-algol (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e40bacfaf5995390d7123e836a60c8f771cd8c541530f8bac5be2044ff74b519 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190426 Malicious code in yaml-iota-jasmine-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8425bb6b7f07910bd25a68dfefcdb32430f54afe0d64a10bd237cf2ec705796 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in assert-analyze-authorize-awk-eta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22c630eccb84be45213459c6615f3f2e1a07d5142b357a8e728754031a1209dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meteor-deneb-phoebe-paleoanthropology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e503587813565ccf9b93395be34e61ce05fd7b6a71e5c4f6f1bc95a90b27696 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189164 Malicious code in release-it-juno-cypress-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55d18c480ca87915de8b545c8543b1908769b9d71711027a718c1af31ffaa6ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...