MAL-2025-186679 Malicious code in eclipse-levels-lynx-nanotechnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e16a598e256c596a0ce072b0c9bc1946d67911157b58b0ad8cad82e607360b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185683 Malicious code in avior-backend-technocracy-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e4660f214d4b00c4b4abd3af9e79316c7f7c5a06984a4a7e9b4fde2a60140b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187986 Malicious code in mesosphere-chai-hermes-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c3a859d8b89079691e1fa4081212caa22fbc584c0379ef009eee6eb1c9d5ba1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189695 Malicious code in string-deneb-string-spectroscopy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 863eb46575a339449bfa620cbed48728a4a0680a0b638d8ef0292cd6d43e3f65 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189492 Malicious code in sigma-web-unix-interpret-earth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6de47f3e1713cab92f3460ce1c317c8f9f19aa0c38b48608a6e6f8acecd99a79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186019 Malicious code in castor-avior-nebula-heka (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3ac7f4b7745ef2fefbe7941e4e0ec75010774808b4cef6c3f46008c71ab8c83 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186466 Malicious code in daemon-old-mu-interpret-deserialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58dda0ab04e2ba0fa8f40b2f82ba9779c443b1f435191d835b5aa780d630f42e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190343 Malicious code in wolf-baryon-pino-phenomic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c5c26b4bbddebc8e36586c62ff40c2aa982515ba61ec3a07619de7e7851a02d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188336 Malicious code in nodemon-slides-frontend-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4161a9733ad0657a992b0e3b792993775b939fbc4452872a0be0abdc96d50eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188821 Malicious code in primatology-technosignature-magnetosphere-parcel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eeb9ab28fb0d25c1d31157674fadc3130df8137ade8adb06630447d3c3639e54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186749 Malicious code in enif-ceres-request-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdd13e00db1b0e02341cc37a68e8140e103a121804f1a8515d8b75918eb4511a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188183 Malicious code in native-quasar-middleware-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4925360eb023738a4b9a50e62ee394450cdd5775f18795b8fe6531ab3371729b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in weywot-phoenix-betelgeuse-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e4bc442d8873cd68c56fe61c66df8a408f502757c0c8ddb89374f722f785995 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ganymede-tethys-jwt-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 404215b9a56b2a2fb508a19ae3dd7a8e028cd7ee171394ea28d87123eb72e07b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pm2-development-postcss-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d8abe1ab361bfdc7c9bcd7a0b5a189b4e741150d6a0e1f27487db31c5615e1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in heka-buffer-holography-subduction (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05d43fa721efe3264cc084cffea7aa55b2acc8a7e66e03ccdccfd836abdd2771 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hawkingradiation-flare-hydrogeology-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6711499c3b50b9dadad3bd102d577f6ea2d023d26006d020d36b03b830898417 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chalk-steganography-europa-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa873d12cc9e98d60b4d9b9e019ed48bc303d6e15fd979722da154321653dd78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sandbox-export-integer-alpha-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d6426877b9703b2cc29ae7e3069049eb2d4cfe9a922f49dea5024fe34d259c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in betelgeuse-development-heliophysics-cordelia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92b70583e7477bb67771e462bbb87b08c0e5d8a2c2d4c4d78f182785763a9749 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...