MAL-2025-186168 Malicious code in cli-module-publish-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e2c574de55331c0e324822e435ebfe908647b9d1b6a58c0006c40ee7959d408 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188980 Malicious code in puppeteer-geckodriver-redshift-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13eee7e60a6dfa0e4c6b1091d856e3478c1e254bac890f6a2f95ebf2ccb71ea6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188824 Malicious code in private-cluster-draco-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d55b2c6488f879be03519756749da7f5fc5c54c6733164935e0c5d7f8304675a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186654 Malicious code in dynamo-mini-css-extract-plugin-cosmicsilence-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce8e478555161d23346f7ff922f8c5628d28d7fb3aafb9004466f99613fec9ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185824 Malicious code in biomimicry-epigenetics-rimraf-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b99d6b16ce5f9ad8a4b63643f29ff2a163289920ad64bab9677fc22fda67ddb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190329 Malicious code in winston-boson-publish-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5443c2030097f72cca3da1bb12aa17e11ac24d30b75d4b58b456b05ae958239 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188478 Malicious code in orogeny-fork-query-troposphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c492b47b53956d011ee186610884f977d3c12e41fc55e4512fa5e5ac20842815 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187303 Malicious code in heka-buffer-install-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d173a46b2222709ebde51168c15d95d657b1e4e9bdebe6edb1073438c8838fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186489 Malicious code in darkmatter-pegasus-optimize-css-assets-webpack-plugin-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f5049359bccb7733c0fd183c777b326ee012861cd33a678a63ef401518ecc37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190373 Malicious code in xenon-prettier-plugin-markdown-csv-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c713706c18d49eb384bd0bbed325910100ac359c57dd42b07ef52f54605e1685 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189450 Malicious code in serialize-cloud-key-array-secure (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d01874bd4c7f5835f39f72b5f76baf3b4f36532a530bfe790cfd96aaa71f6870 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186358 Malicious code in cosmos-concurrently-uninstall-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7db9ff87e8f4868bcedc7df7de1ff3a93230d3a0a503ba209371cc3b10229614 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187439 Malicious code in import-scale-deserialize-sudo-visualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1142c72eccfb79fcf8efb7905decff07420da486fec6dd7f993b8b1d932e3010 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186255 Malicious code in commitlint-publish-fornax-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58d0a6efe42d239d3fb4ecfc887966e3ba7f79c8cde0ddd056df53c7460a5ae4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186716 Malicious code in element-ui-nodejs-bellatrix-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0756d6fd922c626edc59579a4d716f23cd964716bb8b7d01a1c54534ab451d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190142 Malicious code in version-dactyl-npm-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feefba00e2caeb92217dc071b9a4fe68188e1dcb407e37e274f1d84a9eb05646 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in modasv-kuu-bobu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90de9e4271a612024ee2a1ebbc0d1f02489ddc0e1be137212238d9a2f405c12f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185229 Malicious code in soniec-kat-faverfai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d7f9ca3ce359b3f997b188c86ea2acda14e87f2d527927e9fe7e1edbbbb2477 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183950 Malicious code in mitali-don-olima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 708a63c861a787d1042d07a67757ebfa46d68560817d607524a68e6c05163ee4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avarage-olios-noilag (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b0e03258cc3ff220b58f7f9ed8db43fbacbf403979fa6cde1e1138d50ffcb63 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...