MAL-2025-189801 Malicious code in tachyon-vortex-bellatrix-csv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec5822972fbd20e17b527df3dc5f1fc0d18bc0328f474e68ac68715f30e9fca2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189478 Malicious code in short-easy-cat-mock-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7dc557c2e409230293cd798f07cbaedb448573af8880b9f57c7d82c8d0e77c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187501 Malicious code in integer-omega-virtualize-star-meta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f17b62eb52e500d6d763bcb97084f1de1bafb8b9176ec2a21c9bf2c0779b280 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186262 Malicious code in compress-async-rho-boolean-assert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b47a72962d3c729d5d4253ec9d28d30df0480c577add110900f74126b32e3a6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188451 Malicious code in optimize-css-assets-webpack-plugin-style-loader-bellatrix-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abc399df1baa583fe9c5b3c3d19473cebd1498ab6c0de46cdc1ef484368df6c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188159 Malicious code in mysql-enceladus-cressida-whitedwarf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30127f561aaee92f2844597d8f2c4f4c05917776b7427fedbbd4c3112d2b841d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185961 Malicious code in cache-cat-index-async-small (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7e9349b68caace5888139d6b847199008fcdcf3f6ecac1191d7bf29cd1b8790 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185864 Malicious code in blueshift-lynx-dotenv-safe-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dab58c5139fe550ec62331ad682959b01530abab6c25ee42eabc08fb386d1f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188241 Malicious code in nestjs-postcss-loader-slides-spinner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 136d6caff4f79bd4c2162390fa99edba8f8844e4ae965bc0081adee88785b282 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186398 Malicious code in cryonics-publish-dactyl-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8e8225eeaac0b8916a2b89b7dcf39e7988138e6e430c4f6a4730306f251bdfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190445 Malicious code in zenith-cladistics-plutology-luna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05e4a78984349e9b233c2b9c6774a1bdaf97c0dab19c4ef6f0adec068f2c6150 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188207 Malicious code in nebula-lyra-astrophysics-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87731194882f0a9904a010dc5c887ceff5fea966c6f645da196e94537a27f879 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187992 Malicious code in mesosphere-nanotechnology-got-scorpius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c51ddaebeed905bd3e4d2efb4932a9094e6dada95ad1d5541fb3cc456209d2d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in phi-secure-deploy-air-finally (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbc13f51e75a048ac88b7a6957de8320f60bd9b1e5993580feb537cf2c5e7abb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in uranology-sagitta-cors-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d259b39ce436f6936ead7f53ccab2ac0cf8b65ea6395c27e67242eac3d8cfb7e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in auriga-uglify-js-repository-thuban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ab98d3b4f9ec84b7cd785d48f45aea4d87df73373b865bf1f960aff6759d0fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in darkmatter-gravitationalwave-less-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60169f4539ca2dfd27fe10bf32020236f1d4b0106bec0644fa577812e0362eca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in abstract-wind-sed-void-chi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d5e53ae7dda852720328d7a274c948331816065494dccc96a2c29504e8b584b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ganymede-volcanology-meteor-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 439f5aeded04421261b5e44959256e95a019859e49ea507d43c2521ec92cdfb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenon-release-it-telesto-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 156c3f239097b5a3342ea65e94f1f7759096530b2c5377c81f15266c47ac3366 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...