MAL-2025-189398 Malicious code in secure-phi-web-yaml-socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24bb7f54cd938265baf2a3052d77d5384cef40e78cb6cb96648925c983d7f010 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188925 Malicious code in proxy-encode-cache-easy-delta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b71d7168ce33fa33d117ca3dfeb5107315620cdef1a12c36ec833ec3738c04d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190086 Malicious code in upgrade-mysql-biomimicry-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e89ecbb34736ad99172db1733453ead2fc944d27bb81b71f476ebf2c4552a96b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186465 Malicious code in daemon-function-throw-file-dog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5a73e261a4f17a185bcca6a3ab3abc503be436cc2631043966eea2b64c29a97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189004 Malicious code in quantum-norma-canopus-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89cc616e1c86db519ac69507809139300362341a112b7750cd00848d92ec1602 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188403 Malicious code in odin-toml-element-ui-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5661962d1fadc577d8482aca57631a8e89fd2662290ed31824e2467b2c2a2ba1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190389 Malicious code in xerxes-perseus-antd-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81323bf2213ec382936f574183e15746e0cdd853bd816099879b73532eb5af70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190308 Malicious code in weywot-wezen-bootes-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95af838a5409ad46c803f49911e5142c4505a584392775561fc0e5b1eb266f01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190106 Malicious code in ursa-eslint-gemini-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1630e5264385a9c74585ac7083a4b36aafec62504d3d7b3b68157e82eb2a04b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188128 Malicious code in morgan-readable-auriga-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff939728ea7fa25c81887369da0440398d003a2c1acce70f1b5acf9dc29e82dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188566 Malicious code in parse-rho-wind-compress-simple (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfc74d0b4f7851739d57d20a63fb3e706a3d684a0ac314906182c64d39b1dfc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189265 Malicious code in rocket-vortex-nebula-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cb509f13958f7a7b72ce609e2825f1e19061e7b2d65cce6416a6e965c065359 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187389 Malicious code in hugo-wavefunction-dotenv-parse-variables-parallax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ecf14a07cd348f4aef4bf71dd063f333aee890c7b9fffa4af049cac1d997ef9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188183 Malicious code in native-quasar-middleware-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4925360eb023738a4b9a50e62ee394450cdd5775f18795b8fe6531ab3371729b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188912 Malicious code in proxima-farout-react-bootstrap-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8de6d79a1a73dfed48c1efc53d474df34853b6a3b421d85f3fc6e594822232de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187427 Malicious code in ignite-hermes-ophiuchus-semantic-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a46d3fb402931eff7024c48a03204cb67a6ee59f55d17ca893a2a5d4973ec28a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188192 Malicious code in nconf-middleware-extremophile-cosmicweb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d50417b20169e15bf51384ccf1ce983d58f6d92fee9ea5ee2b2023b81eb2006 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189710 Malicious code in subduction-middleware-javascript-supernova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7115b54f7e57043e98fb77619781e6bf25031e1d32deee60dd41e1798635fdb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187081 Malicious code in gacrux-dorado-impulse-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c65b3ff1c02ec4218b6d3cfd1acef8705073c0a75768296613710e6fd716088 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187122 Malicious code in gatsby-fornax-nuxtjs-vuetify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17493a8c27f8742691d5fb50ff801a6a531114bb0524fe9605d6af16d32780de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...