MAL-2025-185416 Malicious code in aldebaran-lyra-magellan-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a81adcc48a2be10a01cfcdea5d7b3f48aed02eee2a2b8df9e474f6f4d3026e7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189373 Malicious code in schema-bunyan-magnetar-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3ce6f081cee557707eacd7810a9814c41e0e6b0fa80e601cf9858edcbc9384a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189564 Malicious code in sociobiology-radiometric-relay-geochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c45a0cb4544585045819b6d85c347bea35b81bd249d8c80c711911c1321c1ecd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189538 Malicious code in slidev-resonance-farout-baryon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa5d96a4541e7562f20a9b4fcd284e9207e6c3730ae698555ff68ddbeba4023e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190007 Malicious code in try-alert-hash-catch-index (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e85fc5860c00474af9c73797df5baec4c6920cae1896fe84f084c86f57a23547 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187442 Malicious code in impulse-dependencies-spinner-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b1c5ba732a67d3f66094e9fb848726d7544d82bb0de3c82c8ad2e54e6932cea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189240 Malicious code in rigel-toml-meteor-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb277329d6ab2c16e35a5db9786b3b32d0cc5ff257df12232dd1afb5ee4bb67f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helios-centaurus-juno-lint-staged (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 929260b67680ed0507a691726e1f4f84a5fb3205b6e1217e1356966bbbfa20e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185484 Malicious code in antimatter-slidev-install-void (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f36ee67d3b0eff64d3bc613e4f77cf96c2ef826571257f8f7761c58e4faf537 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185353 Malicious code in abiogenesis-airbnb-supernova-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b35d79dea66f1fdc77e0451d307bacb1912c7849f9e4094598cb136d4337f33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188593 Malicious code in pegasus-deneb-iota-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f09829ad648a30448e6909586b77ecb91a7d0c11ed07ed4042c386b13811abfd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186202 Malicious code in cold-phi-cloud-cluster-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f0e9984087d6fc6265ee22bf94590da86323c7d97b5205d237579d0a5556bf1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187155 Malicious code in geoarchaeology-ora-titan-restart (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a806a3cf3dda3c3eebe62d2f064979deff4dc5be13189bf1b05b046a1a60a856 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189357 Malicious code in sass-loader-prompts-inquirer-blaze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8510e31e6aebe1ba6798f088e0772983d71667602f005659f7f54fddb9b9facd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190351 Malicious code in xanadu-proxima-transport-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4aeb08505911268d5477af6771dde49e5f8b308294908a14422197c264ce684f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188865 Malicious code in promise-user-static-small-stack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c64df40d8c88404b0fcdbcfd8a46b14e2a3e655bab47d6be8f43f550bdf10edc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186061 Malicious code in centaurus-farout-html-webpack-plugin-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f90a93fb08acfd5f7fa33fa6b6f7fc638d17fe538b4201be97e4fd9c7c056b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187321 Malicious code in helios-zenobia-geckodriver-rigel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e796785c3aae01a64472105d999ce152bfd6adbaf103c097cc7e9a3b257170 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189162 Malicious code in release-it-biogeochemistry-geoarchaeology-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5743b02a4835cd12ed5f2fe483d4025048b9db674a57d31bcc2707937ddca19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187969 Malicious code in meissa-gemini-jupiter-heliophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 089faaaac3c0796dcadd5706ba9d72fecc451884fd1cf61f39081991d2cb04c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...