MAL-2025-188025 Malicious code in meteor-hadron-hermes-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 406ee3b851ee1ae01cae0c7e1ae0e6a83e9ce50744299402f3c59a7ed7950003 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187342 Malicious code in hermes-child-process-apex-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a281ad403ce48fe80ffae106c96e750395afa994deaa511034c881291b3f006f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187789 Malicious code in link-cold-file-mock-info (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b00633ef23678971f439a4d09b982591e85b2cf14df23a52dc20c721a6ebe3a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187750 Malicious code in less-cluster-soap-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47863fe4b497adc647bce8fd2ec2979fb05147e8a1705890e418fd3b97b51b6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189534 Malicious code in slidev-deimos-heka-warp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fb3bb833b59090c2273ee64229cc9bcec7d73e1125f4e4122edabdcb374d90f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186328 Malicious code in cosmiconfig-deimos-kaus-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b417397ddce4e37930565b0788e7a53a679b19a15884a94a966067146ae2b85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190050 Malicious code in umbriel-spica-rate-limiter-auriga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f24a2c3e8a9bab387f482012d72bbd73ca8104bd9ac31e0303a0cd6bd10374ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186467 Malicious code in dagda-ablation-ganymede-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a403cd335f4f51180f5005355c2b51c318cce6d0910807f0b962298e25ee8ac4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188062 Malicious code in mira-pipe-stratigraphy-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a737e899eebfc93719ad05ec9c57d48a39e9ff003452bde12f51658c501679d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188144 Malicious code in mui-xerxes-proxima-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1c12bceab74b6419a10feede58b31581319ad3c2259073f79ffd2d6f2445171 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188720 Malicious code in pipe-grid-byte-old-array (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 707c043a8df19e2deb325b85449d0ea39297d0bfab853cf484146aafbc444bd4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187432 Malicious code in import-benchmark-warn-node-catch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24561d64b8cda186bb2d88f82638fb3bbc75befb15a7a94728acd63a9b4ddfac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188446 Malicious code in ophiuchus-whitedwarf-sirius-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d1d56c997058613f2deb0d5a6c57b6cb177fec88fcd80aa4621f487887dd2a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187942 Malicious code in materialize-dotenv-safe-sublimation-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eefa120636cfd6f73b190f56220380ce77849e4a839a8559d1106992e1aa7d8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190173 Malicious code in visualize-object-xml-long-sigma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2adad1da1eb5a45ee27e59a75a9b902cf303eabc80616c3b102fbddc15b14ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190358 Malicious code in xanthus-redis-scripts-fomalhaut (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5378a4c2406d3bf5d4a642721349c3ebe3396f5805ea6a6298f597ae191792cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186589 Malicious code in dione-troposphere-oscillation-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd3d7c0217ab6f013611a85385ba9c99c8a4cb62351eb29fac80795276366db7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187171 Malicious code in glaciology-kinetic-paleoclimatology-helmet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e336bb8d16c009de8df8dfcdec5370d296fb90defebf9631d180d7af50f8fcc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in decompress-tree-protected-upsilon-mu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f54cb13086872fcb5c3e171f126f96d2723cd7ed4cb0febfae9e2db744d4d97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lacerta-ceres-jwt-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e9ef158e3d8954448aae52a5a567e27d1ce378b34dfd354ba3f163720c80229 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...