MAL-2025-186467 Malicious code in dagda-ablation-ganymede-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a403cd335f4f51180f5005355c2b51c318cce6d0910807f0b962298e25ee8ac4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185886 Malicious code in bootes-transform-nuxtjs-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f64f3298d697d03cf370511ce9702d97278f09a984e91858e476725b20e92f56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187789 Malicious code in link-cold-file-mock-info (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b00633ef23678971f439a4d09b982591e85b2cf14df23a52dc20c721a6ebe3a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189640 Malicious code in stack-compress-nu-zeta-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 175e67631711d41d02520521df6190627ee39430a578d67183c97e9628a7568b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188798 Malicious code in prettier-meteor-mineralogy-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7db2695a262bc6e69c6034c20bc2c7d9eff61f2b332c8b08bb2467def0f247e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188946 Malicious code in publish-antimatter-augmentedreality-hawkingradiation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d5d6b123e34a8689a89de8c4284bac809a0af916cf5f51956e0bb8bcf35c67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187325 Malicious code in helmet-pegasus-non-blocking-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14468cf08644b774f382415ed7ea9da2eca47006b532d6e5389e4ad5a9f45130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185661 Malicious code in auth-pm2-xo-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60541e6f176099b0b6014c32803b87028642aab5dbdef63c049df0f8c28d8ca1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187520 Malicious code in io-cordelia-meteor-filament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37bb443e8b535dc59175b1ef8d7eb72d284f31f0b56ff72943312cddcb025736 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190240 Malicious code in water-catch-cloud-upsilon-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ee923d12f25e195265318063f9ca7aefda531762b20e5da248f7248ff39084f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188178 Malicious code in native-electron-builder-nashira-tachyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2c326aa33890289362406cb0f22eec8401d0b31d237121e8667b24eaa89de69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189725 Malicious code in subscription-playwright-public-carina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 701a8a346bf74a50513bb9a55b5b268f778f18a886f3f088e3fa641fb990991a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185396 Malicious code in aether-radiometric-sedna-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7134d489c8a851a58b9529605d85a949d662e70a8a5b193333fd2b342b9db97b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187415 Malicious code in hyperion-postgres-eslint-config-warp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b260dcd289e1588d69c2094c68adf2469a9d1213fccfe6612787d31af1167bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187760 Malicious code in less-mineralogy-airbnb-tardigrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1e150649f9701fa8a91531cb8cfe5a7a8a65c99dfd46ea28f5561aad1fc5b44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186172 Malicious code in cloud-class-stack-xml-runtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 233273838b0bc9fcd5abb46cd15a57798f84aacac1be400324b3c6b7173ae244 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185750 Malicious code in barnard-soap-gravitationalwave-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99fb6bb311abe39715f83590bf71d33b3e1f29c30ebcd134a8d514362a9b9313 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186589 Malicious code in dione-troposphere-oscillation-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd3d7c0217ab6f013611a85385ba9c99c8a4cb62351eb29fac80795276366db7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188243 Malicious code in neuromorphic-cybernetics-cosmogenic-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 160b9ee422b1614bc10ab76b17cfd59829dd820e115922f452f8253b0f2750f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187846 Malicious code in log-info-good-promise-user (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72c03b63d7e6ec2e8f5732886871961885d3492ff65521a2d134fa374464187d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...