MAL-2025-186614 Malicious code in dotenv-ophiuchus-steganography-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bbab8194156ba927fed79b2c7a39a4d66fb84cfaf6e8b439ffaac9638597dc8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186291 Malicious code in container-encrypt-kappa-virtualize-old (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f797b4a9f89f991872b9512b2adfc5ff57180b4e3a26fdb86bc508e15a96a1b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189606 Malicious code in spectron-csv-dynamo-bunyan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bbf027f428c69dd10d7d00bc4d1e879261d2ddb9873cc7a63ccbbdecde071f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189366 Malicious code in saturnology-webdriver-mocha-registry-blitz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a5eee96b9423cd54ac4f62a065004d3dac4b3e73c78de4fb77e91972eef1fd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186393 Malicious code in cryonics-cypress-stream-lithosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e533649bc4d4bab67fc1c2e430b01f993e7a362899875e82326aecb1f8770f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185872 Malicious code in book-earth-runtime-delta-chi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ca56a31956e75b2290ebd4b408475ebe5dddc60d039e85ec0ad1fb35dc980f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186412 Malicious code in csrf-relay-miranda-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f899356aede6a0e064a4ad0d787f45e899605f276b16981fa45ad710d5d7f054 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186979 Malicious code in final-dog-throw-resolve-short (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23c2397efc5859b1076b97685efe63f23c65d3a4a53c6aa6861d363cb5b8cbb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190114 Malicious code in ursa-process-query-metabolomics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d9eb276d7c42a3eb8d32f6a4fd0ec8a87d3a091523a686fbe495218f0f56f05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186266 Malicious code in concurrently-fork-blazar-helios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46e2cfa382a69284deda13d32454b9f9e9e1ed3c213c197f1ee60c093e7277f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186534 Malicious code in delta-string-enum-thread-uglify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cdaa218fcf1da6962e6363ac39a9737390e281d97f094cb7660d1ec9e6b733d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188458 Malicious code in optimize-theta-process-cluster-dog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb2b3e9d3328a363fb5b4710efab7a9851461ed3577869eae397a170f5d2476d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187680 Malicious code in key-class-optimize-notify-fire (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d94bf43315a8c1c2893814e9659a334209b0e31030d5d9e792fbd92c4daf7c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187371 Malicious code in hot-thread-cold-fast-epsilon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c05ed2faa72ffc66743755809b61ae158c8a76189298f711ee7005be644c7df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185908 Malicious code in brane-mocha-elektra-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a64e4699bbd0a9043d4f0a6fe6c81a12163af437814fa8d1de4cf1f028f65136 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188640 Malicious code in perturbation-coronalmassejection-terser-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eab3af769d7114c72118e1335e26d4d061cc1c56c6a96424a5deb5bc7269a839 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186923 Malicious code in export-psi-zeta-upsilon-balance (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89f1ef51d519c74b84c078dc5bf56f9e105291710857d19dda790846f4d0bccd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188500 Malicious code in paleobotany-janus-writable-cosmicweb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d24d77fbf63477dd28b1fee9f1049b7e8f13f0ae9aee555c30c1ee45e367e71 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190191 Malicious code in vuepress-mineralogy-aldebaran-taphonomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a174c9530c0b8fe98c44cdccf1bfa383d150ed11c2a1dec533c5293ae03557d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189271 Malicious code in rollup-plugin-html-webpack-plugin-cordelia-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2554973e6e1d34edad7b0276e63e4eb111a0a6bf2f4ddf64775f7090d414bc24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...