MAL-2025-187981 Malicious code in mensa-nightwatch-magnetosphere-oberon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4f3d740a50e16322629457256cea5c9793c5325fc9bd0a3635a7cf8f709ad94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188260 Malicious code in new-transpile-alpha-log-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bc8fc5b7728dce5530f80ccd313b6a0d4a003f8c1b9ef1a197bbeaa964fecf4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187076 Malicious code in futurology-jsonp-process-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83de495bfed417c3f9ff4e357e38dfd3504a6671650b88cb9cb5100abba672b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187876 Malicious code in luminescence-pino-superagent-axios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca44ea655f57b006cd3f79aed4d56a7f533cc6dc90375b078867d19ed03bf2b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187692 Malicious code in kinetic-module-apollo-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b5cb804d1f1fc283f2f095cb16ea1efc39e0c5c01069f6c181acce93aa56ff9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189200 Malicious code in resolvers-kinetic-eventhoriz-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10aa06e998c3d788fa72d46ef212a5ae000339d3d9b287dfddbbd99d288cc440 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189048 Malicious code in quito-config-lightyear-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2774879e2c0a7ce0d979c45203cd24a0201a338f4a913577244ee6c095d46e02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185354 Malicious code in abiogenesis-cli-start-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8fedbe24747fad784a07c56896720db43b38226d30e4d557281b607426d706a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190180 Malicious code in void-grus-superagent-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20a8a9fd08defaff05f5feabf694f5b971ed1904512ea95cf7ae5be645b34d64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185833 Malicious code in biosignature-rollup-polaris-boson (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ee28aaf0ab1598c2cecd4a41de5df103b572fd7b814c701bf0175aa1cc32f96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188039 Malicious code in middleware-exec-callisto-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60905c35a7066f9f04d69342a0d5643c9cd2ddcecdc2b3cd3e20aa82208a84f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185943 Malicious code in bunyan-callback-pipe-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6c6a30fabd9762255234275520307cd432fbd98a02b188eba9e94d2334be6b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in item-atim-kubusu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aef8a978d0ab885eaa97886b9319fec4e450dce689300e7536a213638b61de6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in inda-fodija-gifga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc7c5c6fc8b12b73ab44f0a8a2a4c5fda8f02b6e57796ee18a0fdcb892401740 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sonic-kos-fudvitifagagafyaja (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 259eee7faba75b83b5e99a5e2a18abfbdbe3d1ea1e25e9de9abe2e5392b31242 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mitok-doni-olialoba (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 467181e82b862b8c9a7b6b034bda9473abbc7c93d7ba2e21b659be07d8f1023a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in inda-fodj-guofi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08be2e03d47d3e5c6a35b90176719721e7b6850eba81e3220239a521267604b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mitoko-ontcami-laoi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d12add47e75d23ab553b15b026fad5294919694dd6a5c3a9395f2c5ca5881f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in imodiov-ofi-cafacevavisvmolcabyca (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43bd9bc2b371d7b3fdaba182ad358cea839ca954328c64f4ce65d4afa20b5041 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kisut-dfg-dufaiban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bb34fb48320ba52b872cebf586c29fafa87d37b4a9f0c3769996d335cac3def This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...