MAL-2025-185613 Malicious code in async-command-farout-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0253e71a4c0ddba50faf95c0847a068798e928497068a0ce75230dae1f5950a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187859 Malicious code in long-new-report-analyze-permission (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a5911bc821953db265ad24e2c3eb594acbeef9e54cce5fe51e810fa1a656cbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186567 Malicious code in despina-kastra-forever-supervisor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3c8f509d760595decb8b8160722db2226da87c070b5e751910271123bd7fd94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186231 Malicious code in command-dotenv-betelgeuse-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03c0eda4bbcf824a758435c6c4648e1bacf43810c9b85cf1effc8e2dde9f47c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186343 Malicious code in cosmicweb-miranda-xerxes-uglify-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 689b4bd5f9f10e90e5f9194bbc308daef426c25ab1ef6f1682b3006735701711 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185656 Malicious code in aurora-sync-buffer-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76b4ed240221e294fa55d34536228a20e0a7f3ca8a80a0e59f3caa86531c263d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190118 Malicious code in ursa-testcafe-innercore-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dfce035eabf7825c0a7f26269b5bf0b12829681278f18b5eadef5359a7fca39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187072 Malicious code in futurology-arcturus-saturnology-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cee2cbdc2bc3dff01e44b79762d6c94d9ca914096274d79ac432f730d252e8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190416 Malicious code in yakutsk-electron-nebula-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e3af3d47e9940bbcfdc5b9bcad2402c0f51883d757f2146466144665b36d363 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190299 Malicious code in weywot-astrobiology-biomimicry-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33ab409a95035ca69c063d26818d399f9455f7783951de128b164c4b145ac392 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189066 Malicious code in radioastronomy-photon-eslint-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a645989f783782e13048984e4e9fbd513842be85a2bee02ecbb304166d33afd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185603 Malicious code in astrometry-kaus-on-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 469c28639b258e0ec9481cddd807a104ea8e6e67e6450680bedad1a799ee103e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186202 Malicious code in cold-phi-cloud-cluster-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f0e9984087d6fc6265ee22bf94590da86323c7d97b5205d237579d0a5556bf1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186584 Malicious code in development-xerxes-dagda-repository (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7042445332cc153f5065a7dece3340b416923ec1504216b77f9ecb81566a7d5c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187478 Malicious code in init-parcel-run-script-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 258bb21c3a3de866aaa23cbb8d387c7def0f1812acd17a8cd69e306b229a92b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185400 Malicious code in air-easy-dog-float-interface (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5383247b85e0c729c376c538e98461587e02a8093897571bde55b8c251dcdfe9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189165 Malicious code in release-it-library-start-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 348aaa3d96cbbca9efb6a3b8e5c7e01f9bfc1413dce9e60070864b028329ab09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187746 Malicious code in lepton-xanthus-paleoanthropology-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f819ae12bffcff278cc70e29a906edd0faeb0ab3b65eca9831126320e7ead4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189130 Malicious code in registry-readable-nucleosynthesis-jsonp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 312e23130468892f66ec008e2c37d568ce30ed98197cec6017648e4fe9825d86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186319 Malicious code in cors-standard-epimetheus-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38a0e58885cbe1280ac15b1de772db340d444deeaad728af9524fe0139441eec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...