MAL-2026-3684 Malicious code in @gusmano/reext (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 498a21b60dcdfe236ea0b1683e1ec64aa091643b6ad562c3845757eed79660d8 The npm preinstall lifecycle script dist/scripts/preinstall.js, wired via package.json "preinstall": "node./dist/scripts/preinstall.js" reads the...

MAL-2025-190409 Malicious code in xo-morgan-css-loader-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df18935c38976d8952bf589369f1a0e87fbdb16e09e484594e5e302fd8d55ee6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in water-balance-serialize-omicron-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10b645228c86dd124d31b5de28c55a401743d95fcfde72307326120b67d14f46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188350 Malicious code in notify-zero-abstract-old-dog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a53282b311726aa389d4f18e04f8cdede5fd23b6a0f0f816a5e9547530a4e8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in deneb-multiverse-augmentedreality-phoenix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c3bb282553929ded53f031976182f596ae80de4f0259afe9086d8c43ffaa49e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in earth-visualize-abstract-beta-pipe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cdcb9e255cb40cbc9b3900e368a05edeb31be8f58530b34dcf7f168ad49aed6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eventhoriz-perseus-semantic-ui-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36c8dfc94f09b2035ce23b897ae3ff76adb7eb115168d013c0bbd9b08398fa8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in extremophile-geochemistry-dendrochronology-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bea310cfefb66f08a96c3188538369447bd04612535e404ae87469b672b6668c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fermiparadox-helios-pyxis-astrometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c4110ce456b0d3ee05ab386cd882d362726708a69daec5cde442abef8ce9a9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in got-loglevel-ceres-acamar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b2e9f729f99ce1db8045e28e7e2b5344d4377dd1b1a8f21d8fe39d2c57b0dbe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lacerta-betelgeuse-xanthus-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3c6304ec6e85d47dbc95675de68746430ade85ec9fbecf5cad5c5ec8a058683 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in less-astrochemistry-ceres-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce97bc6d36bcde07bce91a015dec579ae6795f061e92685f77111fbb9c91bc6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in luna-zephyr-hugo-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2659334214262b9e688121710ba3382e3ea0f485ee7251775693554d6ad20f91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in miranda-genomics-uninstall-virgo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfeacda2b376daee22f78d9a59bb58433ef352a72d825d0910791a5051064406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mongoose-css-minimizer-webpack-plugin-spectroscopy-aquarius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a2a729962259a1b810fd5b3d3ebbcd7a38aca27aa52129940b9e07adc0b6483 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in optimize-css-assets-webpack-plugin-pm2-lyra-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 741161c1e5697b9ea2854e1e99a994a7948792bbba257c3d30130fd110051d4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rollup-plugin-async-astrobiology-spectron-webdriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa1575655360d32ad6eb45dd6dfeca312cd7cc44d003f56621dc00b12f7ece9b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stream-build-ganymede-corvus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24b83fb6af139dbb9bbd46a83057ddae76e5bac4e17b4d50dc4543a894b03951 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in transform-semantic-ui-eleventy-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ffc4d6e7b72b0aaa2abde280bb586981de8ed65cc2174a163599fb04f6fa777 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in transpile-bundle-upsilon-decrypt-secure (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43f3b2cc46e9852ad1e5d13517a2fc8779647fdf4b1bb64c894398cade68b86f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...