MAL-2025-187069 Malicious code in fusion-publish-query-auth0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d512720b57f461578a656406e73eed2aa998862e62e2635a60b469de603a5928 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190401 Malicious code in xml-sigma-meta-daemon-delta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9814f634f331ea15ee456dadfc2e7f1468d32fd0e4eb9ef64568b3b1466cec6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188846 Malicious code in procyon-mesosphere-gemini-arcturus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1617fe95d5c3a6b0a11e412e1cc9bf89b5a7629f0457231d8eaa6e8791af360e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188767 Malicious code in polaris-publish-vortex-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebce85812e6fc46ef9fcc86a5c7993e6c77bffb1288c327defb1b194eb04254c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185728 Malicious code in backend-nashira-rate-limiter-chromedriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e28d41418e73455f50fdea86c16dd0c3ae6618565892df8f8aa3497811e2fb9b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189639 Malicious code in stack-bundle-public-air-user (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36a6dad623ae43208f3d2ce6d58b9a6877f82f8d1b29ce106c6cf596c71f8fb7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188571 Malicious code in parsec-pulsar-areology-airbnb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e83728336db821db8e3edfea191f300647358c704dd0e05a3ef3a4999fadefbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189441 Malicious code in semantic-ui-redis-dendrochronology-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8d86fe46479392a59ae1b6014000b1675286c6ae85a50c9f04470b1d5626df6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190123 Malicious code in user-boolean-info-decode-try (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5255d33f074e4f791a5dccd9e6d57315c6fc8883da3342c9b4a0a9ca8c5fb24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189840 Malicious code in technosignature-taphonomy-pino-wasat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cb950925743b43b318dc4f6962ce166fc091c100004eeb753fc231ed2ca9452 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189108 Malicious code in redis-corvus-transform-dependencies (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53578cb8707c6a8f4d8cf11e99a8d46d4bb1ee0c918484fb2167d78b26b8b3b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189629 Malicious code in spinner-spectron-electron-builder-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5547969e5f5ac3725394a5c2063f7d61a9754ae52484e58a5122af9dd4a10578 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190085 Malicious code in upgrade-mesosphere-slides-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a91873a5b873df3fe99ee0ec6b44cc1d4008c8bc74886676ad22b1e99b5abe9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in astro-ignite-scripts-pulsar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bba3a708c5a453f96034e7c4d3cf4270b696d5f709ddbdde132492bc811cfcc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in global-upgrade-wolf-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f36eabf70e6a0498bc947c1d4011bf05f67eb39c3e4010c7ab28a2b04e317f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sadr-proxima-uninstall-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ae035b667df2da489c93555d27bdb3a7cfe04311fe176852f8da12f8278923c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in view-deploy-scale-promise-await (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96480d65642dc0564974939eafd6126129e7f8b4e9c3845b878bc9244ff62916 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geckodriver-configstore-wasat-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2f554559f2c15cdd878cd010e17ffdf5d0c74c4f7df74796fefa5166db2df70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in petrology-supercluster-relay-jasmine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64e7980d40954d8062670b9c1263d6823ca34e45eaee3e5ee43066b8d272c341 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightwatch-supercluster-zooarchaeology-redgiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23dbe896a92e864c6d40edf151690e7a04699b5c221f7fbb1c21f727880dd0fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...