MAL-2025-187667 Malicious code in karma-install-spectron-bootes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c100b4ffe6a44ba5483bce1d575dcaba517d9fa586c24cdd4ecb5a4cd06c5816 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186264 Malicious code in compress-water-cluster-slow-cat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 562f9b245b30c1699990c7a16e89d8683682dfec4887a6054b862b4e36fb2163 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189480 Malicious code in short-encrypt-root-visualize-visualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdabb259765a3cb3fccffff07405833bdb2511ebd0f4bc5940844e0867525209 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189189 Malicious code in request-gemini-prettier-plugin-markdown-hercules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41aba293435e865cd16c68eb54bf9bd32c3825988f2434b623b6794b0e0ff74a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186888 Malicious code in exec-markdown-avior-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a1422f2c4e3c9593d29f828fbdb6f4fec9411dbaf4dcae7befd206792eba11e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187325 Malicious code in helmet-pegasus-non-blocking-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14468cf08644b774f382415ed7ea9da2eca47006b532d6e5389e4ad5a9f45130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187875 Malicious code in luminescence-meteor-elara-oortcloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4723173953a883601c99304b5c4f785f659720aa6bab31360b538d209ba19485 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188717 Malicious code in pipe-cz-conventional-changelog-meissa-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f76581a30ce1561ccc8aff0c4f6f3ecc981e5d814d26ad12af5b54f32937a161 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187467 Malicious code in inflation-weywot-comet-xo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2494101eede652b8876724d3d4c467b0a2d07002f73e58557044c083908f9847 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187797 Malicious code in link-theta-float-class-balance (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0217fbc8ce82958f98e07fb84597a7fb29c01d324de938f4aca90bcef15b747a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185750 Malicious code in barnard-soap-gravitationalwave-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99fb6bb311abe39715f83590bf71d33b3e1f29c30ebcd134a8d514362a9b9313 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189307 Malicious code in sadr-passport-mantle-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfbf90790b787c745d7ecc3df9a5bb266126009d229135095e2d81322087b872 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185695 Malicious code in await-jwt-vuetify-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd21812b96907664c208aee1e22aaf7d46e2eaf9437d6f4a0c8a6f0731f689fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189782 Malicious code in supervisor-slides-orbit-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89f9dbd94f494a24ef57e9ec19ecdf8c357feea71319d53b704f455240c03183 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189860 Malicious code in telesto-vulcan-chai-cressida (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c2c62ca99c0ece84c5f61317c8a3488fb6ab06077078722559423d5b60b63cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186541 Malicious code in dendrochronology-pm2-chromedriver-orogeny (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87475fe3d358aa6c921d2001533db20b1270f65e34ccabe2e8b3f381d6cdbcc2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189777 Malicious code in supervisor-adonis-epimetheus-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 031b5317eed45524e3872e8c8ded824692243142391e082542e9e09a09e40c6d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189175 Malicious code in remark-fornax-ora-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c243912e669259606e8a9f8f960ecc02cdb7dec0dbf107c3290c61dfef328cfb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186994 Malicious code in flare-backend-jsonp-orogeny (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06640d76332704792e5098c70eb8c3d1552602cf276e52392177510a7cc3a1b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188232 Malicious code in neptune-vega-slides-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25682a3ed251ba5db9bb43d5f80a93426e070844ca49a329dde44e797627c644 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...