MAL-2025-186319 Malicious code in cors-standard-epimetheus-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38a0e58885cbe1280ac15b1de772db340d444deeaad728af9524fe0139441eec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189403 Malicious code in sed-secure-rain-water-omicron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dd93355c379fb04cebb47c7a76029b9ecbc852e8bbaae7413f21844b2222cb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190426 Malicious code in yaml-iota-jasmine-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8425bb6b7f07910bd25a68dfefcdb32430f54afe0d64a10bd237cf2ec705796 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189893 Malicious code in testcafe-canopus-graphql-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f4cfec36e2798cb46c6101c52a91328a2ffb0f2c3298b732437bea7f1e20372 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185515 Malicious code in aquarius-quark-materialize-juno (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1361235dc778d6f5cbccdd8b3c169fe0d8621f1ccbd26ff529fc2b01bae8e0cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185424 Malicious code in aldebaran-thuban-gacrux-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89edf3df3532bb49c2c76748f619d106892eaa539e1416145739aa8a307a1f0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188372 Malicious code in nuxtjs-heka-google-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc5c65fb21b2b3d1ecc525d9eef20278307f1623df27345292cda8081c3ce4f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188873 Malicious code in prompts-radiometric-passport-geoarchaeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0758b16dca5d6cced10fe96195a7c2306a87710fa84a7e5173a33d16b608468 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186366 Malicious code in cressida-cache-iota-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efdc68100f25ab316f603e943cc9672495c31169a3534af578cd94b80cb0b020 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187450 Malicious code in index-error-cold-earth-encode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 600c58f15b415a9d7152de753764755c856d4f1b2801557141a9e6a851d05879 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187826 Malicious code in lithosphere-quark-mesosphere-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e00a6e66fb35724cd066f57229bbc6ba22c9e15e1a62650e159ca4befcb76544 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190299 Malicious code in weywot-astrobiology-biomimicry-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33ab409a95035ca69c063d26818d399f9455f7783951de128b164c4b145ac392 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187785 Malicious code in lightyear-cors-quasar-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 429afdc097b789886b2f73a40a1eb7753fceba27a84af51e06977ae222b5f0a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187793 Malicious code in link-loopback-hydrogeology-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da395659e113c0159b3a1ffa62f95566815334d185057840f3d59b3c5e74e71f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190007 Malicious code in try-alert-hash-catch-index (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e85fc5860c00474af9c73797df5baec4c6920cae1896fe84f084c86f57a23547 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186878 Malicious code in eventhoriz-ariel-atlas-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92528c607e087330fb36dbf06bc64f943543eede0e85245ebaa7e3c0e0699c86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189811 Malicious code in tardigrade-mini-css-extract-plugin-nightwatch-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eccd2dbe37050ec44770db072262af063d90c8cbb1f901cc4ab7337d91745c94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187567 Malicious code in janus-centaurus-mutation-koa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ade06bb69658e6f0d48afa3ad9598c1491c9cff55530ec10a0eb88bdd857857b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188917 Malicious code in proxima-ophiuchus-geckodriver-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5c7e0b28606987a99e1e5a3132f404b2435465dcff64ef832c045c0ce0f5423 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188939 Malicious code in public-jovian-solarnebula-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6544f3959ee43ea506834ae31150ce449031f41d3b92034116387d96bd7ddb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...