MAL-2025-185592 Malicious code in astrobiology-postgres-comet-vega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4f9f42d7d970e9c3621b2c6627763137e4234a33749995cc474e82e2e0214fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188450 Malicious code in optimize-css-assets-webpack-plugin-polaris-docusaurus-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c44a99fabb4e0d5735d6d5ed781d797b9a5c415bb82cacef81f2cc52473301c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188527 Malicious code in paleomagnetism-neptune-jsonp-postgres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e00b7c4e427afdc185348daac0c7d3815042fbdb19ac15e8d7e848299230aa85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189525 Malicious code in sirius-stop-umbra-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e55a14a033b2c4791dbf3754b9d92b6fe7fba60595a0c5234a281f5b9d0c6b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187205 Malicious code in graphql-karma-cluster-mongodb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ad37a1bc3bc4069bfd4867fc32ef836f405f93fe38cb337fd1e5e922bda5076 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190396 Malicious code in xml-oberon-axios-neuromorphic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d055296cad7864006fae38c855357f3989b269c0e15811c27891d9d0a2c49d60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185973 Malicious code in callback-dynamo-lacerta-chakra-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6d300878b315b706f8527cf43747b70cde297845c6d57fd85b3a93e8b1d283a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185766 Malicious code in bellatrix-command-testcafe-pino-pretty (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b703a2d20efa32ac0ae07b76175be8aa18b3f4ebfa944f7d27fafa977a66963 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190012 Malicious code in try-signal-lambda-execute-kernel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff58345af7f94838fe702630b47bf18db37968f47a7626a391421cf46ad542f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189582 Malicious code in solarnebula-await-superposition-aquarius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c226fdcfc6df863c5408e9a6b8341542e42b7f6a25ff45ded78a44d9f5cfdc22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185853 Malicious code in blaze-figures-auth0-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 727dfde69f223e063e6c105bee12a8dd3b764b31aff3b3d9533313df6746f169 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187236 Malicious code in gridsome-planckscale-primatology-speleology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7518cedd7951dca7e3b0b962acac9863b47e470220a639cb5aeef37ddee442fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186343 Malicious code in cosmicweb-miranda-xerxes-uglify-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 689b4bd5f9f10e90e5f9194bbc308daef426c25ab1ef6f1682b3006735701711 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188941 Malicious code in public-perseus-zenith-blitz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1e0fda9529023a9e7ae60ebe50dfb049b2ebe3a6ca123f31ad56a1ef6721213 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188404 Malicious code in old-decompress-scale-throw-user (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ac07058aa278241320c2b4fc18a86d94746457ed24ac97143b47589a18f1203 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189366 Malicious code in saturnology-webdriver-mocha-registry-blitz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a5eee96b9423cd54ac4f62a065004d3dac4b3e73c78de4fb77e91972eef1fd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185671 Malicious code in authenticate-scale-analyze-book-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d038c7d079b519f31ce6b09657db6765d1d0007fe0b8bd295d08d7806e81e80a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188620 Malicious code in perseus-carina-duplex-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82db29da799b8923adf9e0105b02d015268632fba539c6d56c55e7300b952ba2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185986 Malicious code in callisto-enif-cryonics-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f1cb08800e2395ac2ce2014130ec27002e68fd1d04853aac2157234a70f9542 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185535 Malicious code in archaeometry-europa-asthenosphere-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 261ee2052bb353eabb1fe0c480e76b4c843e7c52774ad71cb95ae7d1f1a41fa1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...