MAL-2025-187256 Malicious code in gulp-rollup-plugin-carina-csv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68bf9fcb09e12feb0d27fb4d36e938ec6bb40361ec9a2ab7c9eafbc28e56ebb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189381 Malicious code in scorpius-version-convict-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27986efea5940e143ef52f332a5839f8ce777e19093bd76077e52dcba452c9f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187591 Malicious code in java-orchestrate-awk-process-virtualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23029396724af0865eecdd010c3f17e6739fe0ce56c8d44b3531fbdeac934801 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190094 Malicious code in upsilon-parse-module-virtualize-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a440b3c8b3c00cc296b78fcc754858117fc974f54cf17d0173de5b6c412031 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189034 Malicious code in quasar-robotics-soap-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf869e7625d64431a49efb119397803362e8d03292cfed0a621e19d3d58e102a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189214 Malicious code in rest-oortcloud-interstellarmedium-yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f490d6f037ba5aba42fdaf960b0d8bbe6e55f94782153789b5b8d489e6eca4cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185447 Malicious code in altair-genomics-firebase-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d94b29e9713ad4d380989b0c0e6cdac4a84cf8357cd6849a4b7ebd32e68c9b50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189876 Malicious code in terser-webpack-plugin-nucleosynthesis-hadron-taurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9369464ddb44df2eb49a987731c6b712db57570302fd3f325530a2afb053126 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188232 Malicious code in neptune-vega-slides-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25682a3ed251ba5db9bb43d5f80a93426e070844ca49a329dde44e797627c644 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187556 Malicious code in izar-mini-css-extract-plugin-hercules-nightmare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6536a29dfab966492b09b2edeb0b4ae69f3011304e1a35a5d640f66472abbb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186392 Malicious code in cryonics-convict-tectonophysics-interstellarmedium (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3046426de3787a9aa4f412031c6f1bcdb84bbef847218226d09e8a9ca3226ac5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189641 Malicious code in stack-theta-meta-index-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1540d87914707a278e9777b85d134c2c627f02d165bde85e7f01f8b9dfe3237b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189525 Malicious code in sirius-stop-umbra-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e55a14a033b2c4791dbf3754b9d92b6fe7fba60595a0c5234a281f5b9d0c6b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187333 Malicious code in hercules-css-loader-restart-eslint-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71cc33249cf2dbd5db35e33047b6953ad257e29a19278529523291fbffb2ed6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186582 Malicious code in development-warp-geoarchaeology-odin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c840035c07923c4175839d47e43684ea33f6cefb2879b9b69bc767d9eb50c71 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187980 Malicious code in mensa-koa-castor-typeorm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75c11e9097d5c00ae335a975d0bd038394411ebb396691bf1af493adad32a9d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189203 Malicious code in resolvers-solis-native-rest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22d6c0271bfa31246dc0e28318a0cfb1ce680b0268ea0bf941130328312bcf78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187854 Malicious code in long-alpha-code-sun-table (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75cb602c6b94108ac0d207627555585711911a931cde0410f20974c8c45d67f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186998 Malicious code in flare-sirius-parallax-cross-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3a8559b0ef5d85b4d90c0f847ff6cee668e1afda6de3249cf424af6575f3a52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189610 Malicious code in spectron-mini-css-extract-plugin-enif-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77bf4632685f048e884c1d50e6b8ad6399db3c7078098bf8b61b8d61dd7d4b35 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...