MAL-2025-185520 Malicious code in archaeoastronomy-epigenetics-proteomics-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eccf235d07fb5b9150ec0c3ed8014227de1a1e59d4cd9643a3a785690ca480b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188695 Malicious code in pi-emulate-lambda-alert-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 236bb810d2fe074699de9d6eaf3ef0198b4b49689dc232910649ad3d8f66b4b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188046 Malicious code in mineralogy-oauth-eslint-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbe44d4d94ee8dc2a076fbd2c79e1f212e27c5eec50895aeb116768be0b5a242 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in passport-magnetosphere-sociobiology-ichnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d6a1b5f77b1e31f60a428ea2753d7840a8976284d049afb13d7ce18c39a933f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rho-alpha-phi-cluster-water (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6e7a4ef57dd54f76ac6aa11467b48f4f5cc687a1a46e1934d0b1dff8c2cf4f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in achernar-elara-flare-lyra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71604e145a0b1443f49a3500745d187e525fc1f9757d251712ef14e8943f17f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lynx-astrobiology-exobiology-plutology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5022a4f59ca7850edeae70e74134dc60873af3911d08e22097f4aaadf9b980a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in authorize-route-signal-grid-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6420ec20f08fe9014278da249056c739b4f40d5559cc32d48f639433ed2f1ae8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mui-reveal-md-registry-yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76ad89d8331122a15bc7cf5f8f5bff6b20a31ed3a2ccc02e5573a1f7b14248ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in await-mesosphere-meissa-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b34101e61927586d02c2c662fce1eff112c80ee71cd05aecf02621788752976 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-babel-centauri-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 304c683267f7b701dbc99741dfd9571f4f23ae6cc76d8c453977e8cf968040fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in titan-despina-zenobia-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae5ee25ca20a09d9abb7fc1a6d770bb3c601cf9ddba8f4d1880abb62fee026fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kastra-perseus-comet-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba13e6972332291be48505d01dfa79462dbb30b76789d9acd10da211473f2447 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in antimatter-celeste-meissa-cryptography (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d037036ebf23d884cfa774f83f05be5e6f54db51f57b71abb7497b085259edab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in radiant-cross-env-neutrino-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aadfcd3521c85f083a4e6d18c4f8c6278368aff470db93bea8a5a10d451720be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in proteomics-zenobia-cosmology-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a4e7d5ae13c3d2ff1ead466a88401fa90829d62ed12d16ab27ae9c89d0f3bad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightwatch-spawn-leda-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe7a1045067738f50113be83874dd4bbe0afc4ee5fc89b8ca6d1f619c3760744 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rollup-nova-wavefunction-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a71178046d6bba4cd289f92d4a80c4b5b2938521d5c4be7a784b9de70d0b722 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in proxima-dotenv-safe-carpo-release-it (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 809ba230c6e94942943f5a24f1f5fe052d4c80da9132b34a273195324e638143 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in envconfig-fornax-void-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1239ea3b31415a82c90cd5302c82bcada5a25101219fb703c24e45ba2738c305 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...