MAL-2025-186109 Malicious code in changelog-graviton-hadron-panspermia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4654a7b3fbdc91ef9d6bb9b21a92ed4ef7c06883f0343185ff0493e3af578e1f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186536 Malicious code in dendrochronology-biomimicry-supernova-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector caed6acc9b9859828265ca4931b9597b3ffd7f0a1466d26e6cc64ed395204b10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185943 Malicious code in bunyan-callback-pipe-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6c6a30fabd9762255234275520307cd432fbd98a02b188eba9e94d2334be6b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188277 Malicious code in nightmare-semantic-ui-init-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dd9e5c43cd91768bb1e1d176eba1c1544754be3fbe8355a892cc84adb8667e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186431 Malicious code in csv-mensa-hadron-sagitta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcad2a61b3271f09a9c91abfbe32624703525efb013fae44597034ae04873bb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186820 Malicious code in eris-sync-loglevel-dorado (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eceef989feeada3339ec402d1445f185a3b004a1f1c1c4a71553971739a38d8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189124 Malicious code in registry-apex-seismology-ichnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bc0e74f615cb57fa334ff9dd070697aeb39697d41fa7ea06d55847b0e2cc7b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185792 Malicious code in betelgeuse-frontend-titan-yildun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f95eac4fa944ac0a19a117f2cf25d1f3042447fe03373fb6878a2d5c26c18ffe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189667 Malicious code in steganography-yaml-quark-geochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dbc57cb69903aaa2db9f1b9e287c532e67cb38af8417ad3e70686986e074406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187520 Malicious code in io-cordelia-meteor-filament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37bb443e8b535dc59175b1ef8d7eb72d284f31f0b56ff72943312cddcb025736 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186202 Malicious code in cold-phi-cloud-cluster-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f0e9984087d6fc6265ee22bf94590da86323c7d97b5205d237579d0a5556bf1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189845 Malicious code in tectonic-seismology-upgrade-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74c0bde7c9a540a8b87c023497dbc6b0bccb2ab6e10d52e75d86d40907243a55 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187158 Malicious code in geochemistry-izar-farout-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c732107926c21e3fdbe7b6bf70d3a4004926edf48f6407d538a08324f8500fca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189381 Malicious code in scorpius-version-convict-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27986efea5940e143ef52f332a5839f8ce777e19093bd76077e52dcba452c9f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186186 Malicious code in cluster-sirius-promise-neutrino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 246366ab6b3632e7b423af9e451968b2bf746434d27260f7b68ffa2a924009ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189080 Malicious code in rate-limiter-aurora-helmet-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9633e2fd02710c31a807cef01e13aef312acd495a2495f49441b3006042bae81 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186859 Malicious code in ethology-ophiuchus-slidev-markdown-pdf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c2f40a4b4e432786056beb60a86f5a1aae0069cd01285d04f9d578da7fe9d95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186165 Malicious code in cli-hermes-mesosphere-corvus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 046bc8f401b8fde8793714a2be47b15ddd79ce0545360eba45d7634fd4958c45 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188852 Malicious code in promise-algol-cosmicsilence-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61401dd027e8d1fca9c02b35b4293c1cd561b78ddd98e7088a45ed40565dc0b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188827 Malicious code in private-enum-compress-upsilon-omega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 487ece3448f08f70c5b2da4031eff0deebbae4d9f304ce3cc6cd1338fefda9b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...