MAL-2025-188745 Malicious code in playwright-rimraf-version-coronalmassejection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e90c9ce759c2ff105ba07471c175f8ef3973282b1178caecc178aeed3b051da9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189353 Malicious code in sass-loader-cluster-link-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 457c2e864673b1e699b6d103dedadc301fb27dd6c6ceb5e99f0f2acfef90a5e3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187767 Malicious code in levels-event-bionics-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bdee777e410b3fc1869f19ba81326e968afb704dace7f49fb14bc7f0397e233 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189394 Malicious code in secure-big-user-unix-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58302a7110a1c0f90f3bedc311dc5eeda947f3da8ac2e2e1dd37e19aa2b0347e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186061 Malicious code in centaurus-farout-html-webpack-plugin-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f90a93fb08acfd5f7fa33fa6b6f7fc638d17fe538b4201be97e4fd9c7c056b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189941 Malicious code in titan-luna-luna-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98d1efe8a02e5a0cf5767bf942f74baa1ba82ff3d393560c1d4740ba7a5bc1b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189705 Malicious code in stub-scale-alpha-epsilon-optimize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b75f8b4a809808568e4e6cb14303729e4dae23ba42ce8fca5522267fd3e6f2a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189959 Malicious code in tool-wavefunction-ultra-gridsome (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6440db217bbb9f167b1f6b7b229fe260c8138b56561aaeb8a50a4cfe2d6b38b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186897 Malicious code in execute-long-pipe-file-encode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5dfe837fd34a8b4469ab59da1615cecd539ec907a7092c2d0566fadd5cef083 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187107 Malicious code in ganymede-palynology-proxima-robotics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 543e63880d502f59f3d0b14c0fc789ac361fa84e5f73d03802527eb7c0a98c2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186113 Malicious code in changelog-multiverse-heliophysics-regulus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d26b7c4b39b23830057045d4ac69e6039758294f45b8f6197cf5f5af279e466 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186715 Malicious code in element-ui-nconf-oauth-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4fb80ab7cb345deae95e9acd799044d7c7a2e26647d6c158c687da329783e0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189811 Malicious code in tardigrade-mini-css-extract-plugin-nightwatch-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eccd2dbe37050ec44770db072262af063d90c8cbb1f901cc4ab7337d91745c94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190350 Malicious code in xanadu-paleontology-zooarchaeology-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d47751981dabc8838147582a7e72cfe99ce10b5f0a2f2cfbe4d271c422d667e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188262 Malicious code in nextjs-event-chromedriver-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ce4df6b55a16a8f6624b07812fea2d0e0020b2a6c4ee1553d910f9f217c82f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189876 Malicious code in terser-webpack-plugin-nucleosynthesis-hadron-taurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9369464ddb44df2eb49a987731c6b712db57570302fd3f325530a2afb053126 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186888 Malicious code in exec-markdown-avior-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a1422f2c4e3c9593d29f828fbdb6f4fec9411dbaf4dcae7befd206792eba11e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187094 Malicious code in gamma-stack-fire-async-abstract (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f1d97ad1a3cc0bd0dbedc611e5d76c0118414285c11bb85bb8c1144c145a667 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189165 Malicious code in release-it-library-start-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 348aaa3d96cbbca9efb6a3b8e5c7e01f9bfc1413dce9e60070864b028329ab09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188562 Malicious code in parse-abstract-beta-rain-benchmark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e128fa56bacf336a1f2c8600398d70f2ab99bf6fb61db89b40ca95d960d06ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...