MAL-2025-185409 Malicious code in airbnb-nconf-redis-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a83a2aeb7ed757c3f88c29533b1f99f98b6f8c7bbe9e48c1143c76a979ebf1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190055 Malicious code in uninstall-semantic-ui-await-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d54cdc877af56ca1cfb7dbad3c96a744be26cd760c76bbef5ee6ca64e03bc210 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187767 Malicious code in levels-event-bionics-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bdee777e410b3fc1869f19ba81326e968afb704dace7f49fb14bc7f0397e233 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185385 Malicious code in adonis-comet-sedna-geomorphology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 337bca060b6e0e2d205280cca27089440473dfbf815ca59cb70305a3995b1f2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190263 Malicious code in webdriver-manager-neptunology-oscillation-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c818da0d4724a5056bdb4220b90d6078bd9764e0642c6f267bb98ecdcc268fd4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189299 Malicious code in runtime-stack-awk-visualize-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29f5a4b7134730bc0468b4baf98a46892732f059846e6f73260ec464ed7e041f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185650 Malicious code in auriga-parcel-soap-nashira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbe5b1c35448ad73eef103c3a367ab3cbf211d6af7d8138c9531cad4d079c357 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188417 Malicious code in omicron-enum-link-permission-double (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9804048589d4df4d871f01e83fb61ba2d7b918abd2ebe1ed69a6e045eedce720 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186210 Malicious code in colors-superflare-rigel-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0e903a3772257f571117e9c4c67e3181375d448e7529e39f970068e1f42f8e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in schema-dependencies-paleoanthropology-xenos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a5aa35035cef2c1cc6c6bdb74528d86c9297519b890f65258d575cbc34a28f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in antd-playwright-ichnology-technocracy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c68692941d88ebe215bb0d8b8ad358a855839c7d267716798d4924516a6e1de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190482 Malicious code in zeta-transpile-encode-pi-table (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 372db48429838467fa0be86a5ed9950434fe7964c97d1b228a5e6ba64fc23ce6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189115 Malicious code in redshift-run-script-chai-koa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5286f36483bbe7228cd4a81c89c18519248a77be151e2d05f127fcabe320b31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in socketio-webdriver-mocha-kinetic-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 150f89806d0e3db6e1a5a953b3f96457bdd5d51522b9cbbbd9401b3cde6bcc82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-babel-centauri-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 304c683267f7b701dbc99741dfd9571f4f23ae6cc76d8c453977e8cf968040fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in remark-exosphere-cosmicsilence-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e957895b962f8adc6e7b566c2611a524875a29b93490125c8e08a0c643b3e0e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cordelia-indus-cors-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b161dd83470ad8e5d5e7fae8eb08ea363c660e9e4d923d81d7c6716a5955553a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rho-alpha-phi-cluster-water (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6e7a4ef57dd54f76ac6aa11467b48f4f5cc687a1a46e1934d0b1dff8c2cf4f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in morgan-magellan-public-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2a4010d8bb1de8e155f1dfe6a934c3701b7769ede92845ac847a3ee42879e16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lynx-astrobiology-exobiology-plutology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5022a4f59ca7850edeae70e74134dc60873af3911d08e22097f4aaadf9b980a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...