MAL-2025-187723 Malicious code in lambda-byte-sigma-static-reject (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96e512f773e77c8591c7fdc12e28652a7c98180e468e2eaac0b828ba21c83918 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186720 Malicious code in emulate-catch-file-mu-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 780b4f9548afe60317b667414bbc56a8f0601ac37ed12885df88706ecec718ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188298 Malicious code in nightwatch-supervisor-hyperion-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1acf8297e72612fc42318e4bffb75532887d407ff062d75774073fb6cea9677 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187198 Malicious code in got-cosmicweb-canopus-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b583c4c57856c012b65646066ece5cffd3db1a2c3206c475e5c74ad3d81bd04 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188766 Malicious code in polaris-playwright-optimize-css-assets-webpack-plugin-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0153c2925946fa33f509a7dc20a6a22715963f52da756ce161ceb18165fd23d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185676 Malicious code in authorize-interface-psi-orchestrate-visualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c49c66c39ec7c53bfeb7d373b988f224b0ca9c2e4f25d92872ad9281b32dc997 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189763 Malicious code in supernova-dysonswarm-arcturus-solis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb56d71359f955d83f68c2050ffd9f7e52a84eaca18c226afd9b2e5225844e19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187355 Malicious code in hexo-publish-hexo-xo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d00717e5974b423da54268e70eeedbebfd4bb4bf7ee91f3dd7e0b29ca6d88211 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189101 Malicious code in redgiant-gammarayburst-event-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fb563787e7567dd9949be6c74507f2032c7f7905139bf3cf72b031768875cde This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188625 Malicious code in perseus-global-meissa-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0d1ec9c95ff2971057d9bc9322cd0e3f96d82bf169f302e6f77174d3922dff9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186358 Malicious code in cosmos-concurrently-uninstall-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7db9ff87e8f4868bcedc7df7de1ff3a93230d3a0a503ba209371cc3b10229614 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187240 Malicious code in grunt-ursa-cosmochemistry-xenobiology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58bccb17c4b674e6159db53f27bc72f3b0aa547f2c6e40f0e3c61ee22969090b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187615 Malicious code in joviology-betelgeuse-saturnology-webdriverio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34d254b9514fd3339b54435bc06e5048cce06aa32590ea9021ad1e864405463a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187154 Malicious code in geoarchaeology-oberon-proteomics-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4457df8bb683c248eb0726675b92eb63a0c31125a2f8c3dbdee0b1dae031dcfb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185394 Malicious code in aether-pulsar-polaris-aldebaran (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91d89cbaa30e7fe600859577ad2f26ec0d66a81fd877ec655c5d214083593fbf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in technocracy-spectron-webdriver-query-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb2891101bf48ef0852bf59f5f476ef38c2a245c931903bf6dc90cfc8aa75bd5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in callback-jekyll-public-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e37871c5d8d32001ecc33cfcef2b8297490b122f158b68496524289819179f33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bunyan-release-it-carpo-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10a0f1e12655c75f70e2c1d052cca1e4b0508a72ebf895e2f00f3b0db2b3a712 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in boson-apex-parcel-cybernetics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8001d9511352d88a7e53000ad8670d8e302a9876d11a26a839bcbd2c058f4e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jwt-rest-jest-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02d14fa447358c02a9d824fc3d31f4bf2eb4969999e71f2031f7f9dbacb0e360 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...