MAL-2025-186878 Malicious code in eventhoriz-ariel-atlas-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92528c607e087330fb36dbf06bc64f943543eede0e85245ebaa7e3c0e0699c86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186986 Malicious code in finally-validate-spy-transpile-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9042f0ca03575eae11d95191fb56e4a493c9d9cc6f78b44ff5664df90a5eae0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187325 Malicious code in helmet-pegasus-non-blocking-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14468cf08644b774f382415ed7ea9da2eca47006b532d6e5389e4ad5a9f45130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187508 Malicious code in interface-awk-balance-epsilon-orchestrate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05f2ce4e85cc2ec7f434ad7f50ef8d6c39c253afdf7a7a04aa4a3ff2d93178e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188993 Malicious code in quantum-child-process-vulcan-sagitta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db5c7c674775a7060b2695cecbde40c0352fea9feb3cd9e5e0c26845c229e764 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186859 Malicious code in ethology-ophiuchus-slidev-markdown-pdf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c2f40a4b4e432786056beb60a86f5a1aae0069cd01285d04f9d578da7fe9d95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188363 Malicious code in npm-publish-cross-env-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f326fe849575cb4d47994a975a7fe829719b21959ffb49ef1ac24126a1519ae8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187238 Malicious code in gridsome-slides-pipe-socketio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d3041ecadbfa1b9ee20c448a9f21b65c9463e9e394b9f82d5a14402dab7ac41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186830 Malicious code in error-validate-refactor-byte-lambda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e7990422b33800950f82b858c49bc8d9140dbd49c020770a8373607ea132679 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186825 Malicious code in error-error-authorize-phi-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b340179d411fda452870d0f9f487b221dfa2c4ebd9f2f2e93457306569405e42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187793 Malicious code in link-loopback-hydrogeology-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da395659e113c0159b3a1ffa62f95566815334d185057840f3d59b3c5e74e71f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185396 Malicious code in aether-radiometric-sedna-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7134d489c8a851a58b9529605d85a949d662e70a8a5b193333fd2b342b9db97b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187520 Malicious code in io-cordelia-meteor-filament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37bb443e8b535dc59175b1ef8d7eb72d284f31f0b56ff72943312cddcb025736 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185886 Malicious code in bootes-transform-nuxtjs-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f64f3298d697d03cf370511ce9702d97278f09a984e91858e476725b20e92f56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185618 Malicious code in async-eta-try-balance-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d16ce88a7db07011ebd02f6deb6abe9ec27e30f28d503c3580ab35c829a94c70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186746 Malicious code in encrypt-public-delta-chi-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d0273e011f95f5c7bd83382e4643a9ef8f11d463f954e2ce4c19617e1bd63c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190442 Malicious code in yonder-webdriverio-lynx-blackhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfbb715d4acf64ade15a47fd3c5a01c86a6a1ba2777dc7bb8b003d084a247a51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185822 Malicious code in bioinformatics-proxima-uglify-js-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b2714f42d0f923659472aa13696e78a1b29164f409010a8320d0433129c6c99 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187171 Malicious code in glaciology-kinetic-paleoclimatology-helmet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e336bb8d16c009de8df8dfcdec5370d296fb90defebf9631d180d7af50f8fcc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188144 Malicious code in mui-xerxes-proxima-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1c12bceab74b6419a10feede58b31581319ad3c2259073f79ffd2d6f2445171 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...