MAL-2025-189510 Malicious code in singularity-restart-helmet-auriga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bca51a8abb3ba39999a0e92f73629dc78b2744ca31118df7bc64b59ab1337ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187917 Malicious code in mantle-achernar-kinetic-whitedwarf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c799008fb34f7cb2fa52e045f7f6d7471d623dbbafec1c8b02a121ae895ec8de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185742 Malicious code in balance-char-byte-final-big (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 817e865ae1c8a984187cb4dbd722f2a15ab88822dc1ff846b8b0644a317fdc6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188521 Malicious code in paleoecology-tardigrade-express-rocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab02d785c1af544c7c0c174e3a90bdc47d16a2f816fbd258d3b669ccf44e59ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187538 Malicious code in iota-hugo-mongoose-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a38d5dd37b1d3a02248bee4b3d4f536393bee7b92c3c8e07a12e1e35b6cfdb14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187659 Malicious code in kappa-notify-web-encrypt-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4adabf06362cf23d6c3eee9d92b084952fd8949a52f6b30a787608914698c108 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188136 Malicious code in mui-auth-betelgeuse-xo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0b2fd7a8c638947ae3bfc4c81fb4a2b89e7cee50538831189f80aab8974dcde This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185985 Malicious code in callisto-cors-ini-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ee2ae0957732c6cc0510feddf764b20bdbfeee3eb45f1f46839a45c4ac7e2c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in route-compile-good-private-tree (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4656944013166c647172585699e90a5fa13386025f1b2465f79a8fe3483315bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189776 Malicious code in superposition-unuk-spectroscopy-borealis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 447a420e2f7492d5062a141b6b5f5bf8ca06267753ff8c144ff4da6937865934 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186659 Malicious code in dysonswarm-gulp-dendrochronology-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df2900cd899be02f8b927b3a22067e8f4e1e87d3b8ee57a7ad44205167f4a2bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189930 Malicious code in throw-uglify-old-spy-water (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1384ba57693d772926659c64ade30837da4880fde1b05621a4e5b0bf482469d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190319 Malicious code in whitedwarf-meissa-standard-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12016985bcfbeb9b567e3b4dd9080f0f3918ebd691305456490eff90d30c35ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188805 Malicious code in prettier-plugin-markdown-lint-jest-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4732bbd796f8b60aa6eaaab2fad1af9c69bb1acc6c805e0ccc202d281754d20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185543 Malicious code in arcturus-fornax-thuban-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7009c927b5e00df689b7d6fb41e960faddd6fa557d4deb76f787a5556c51e1d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189381 Malicious code in scorpius-version-convict-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27986efea5940e143ef52f332a5839f8ce777e19093bd76077e52dcba452c9f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185539 Malicious code in archaeometry-yaml-phoebe-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 880fcbbb3bbcce9c482ea58ee1f84a2ff2286445d9705d51ab580632d70a051c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189428 Malicious code in selenium-avior-antimatter-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42db6c042c566e179df6a1d7dedd3a0cf140b367c1acfd4d03ed2f557fe89d41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188094 Malicious code in mock-string-simple-final-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b38d5a29590fbb31cc80dde1e3ad6cfd08ab4787dfdf5aef7c978472bb42c5d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186570 Malicious code in despina-publish-spectron-webdriver-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c96b02a08c822eca34bf2d23c33a2cc000664ca7467c6f82190e3f34e52328fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...