MAL-2025-189666 Malicious code in steganography-hadron-stratosphere-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7507c5194be430ac6904f8bef6c62434caa3f72c17684e430f7a5271af20b0a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185416 Malicious code in aldebaran-lyra-magellan-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a81adcc48a2be10a01cfcdea5d7b3f48aed02eee2a2b8df9e474f6f4d3026e7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186874 Malicious code in event-biogeochemistry-blitz-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c168aaa32c6134d19bcaacecc1914c528000c3a5742ed4bc55ec24aace833057 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189562 Malicious code in sociobiology-castor-package-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e07b2b3e48f63280e2b3b47fe00bdbd1401a9b8ab4b8ce7f4487d3c8669bf24d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188336 Malicious code in nodemon-slides-frontend-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4161a9733ad0657a992b0e3b792993775b939fbc4452872a0be0abdc96d50eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185358 Malicious code in abiogenesis-start-petrology-webdriverio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73c7a68bda26fdc2f47db5876bc82da95fecb85744bbe3b435fadf8dfdbe62fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187572 Malicious code in janus-fomalhaut-rate-limiter-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cd3841be35626649aacb44b41b13db290ef1dc661070b516c2e4823083cedf7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186342 Malicious code in cosmicweb-leda-sadr-reveal-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 270c6cc6b73cca0763aa3fd40890eb81c4f654188eaf7bb4cd3ceb9ded2f43e3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188139 Malicious code in mui-meissa-subscription-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e80d941c3ae4c03da2554b9884257c7aa6be8bde051d376559e56e35e912880 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in shelljs-fermiparadox-bootes-xml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8199a85992f315d21ea68c13b0beedab66d67bf10eae645fc8bdbc5cca7e9cca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189162 Malicious code in release-it-biogeochemistry-geoarchaeology-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5743b02a4835cd12ed5f2fe483d4025048b9db674a57d31bcc2707937ddca19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188593 Malicious code in pegasus-deneb-iota-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f09829ad648a30448e6909586b77ecb91a7d0c11ed07ed4042c386b13811abfd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in acamar-comet-flare-robotics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df4fa443fc219b32a649b7258c7128b38d90c7010b81b9625f2459c8b43d2a4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in omega-test-benchmark-validate-resolve (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea4aba24065b552eb02a00ebb3a060d1185891e26c3f60f4a533a8eb264a7b9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meteor-betelgeuse-eigenstate-cladistics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f97a2bdd138f7da883f74cc7c6a1ebdc9aac6a3457ba9d28a1b30c92106cdf1d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mocha-eventhoriz-wavefunction-redshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b8cd1e689ea6014f0053ba750d4bb5a9fa76248e369191d70c4f40b64ecc59b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in integer-tau-chi-alert-gamma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a1cd603c5c21adc708209a0d027df10f306c25f9a5154091584ea043d57fa9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supernova-saturnology-asteroid-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7937459b0c7fbf26e6ce76e53b247007a9cc5cd25f0a634fc670aa4fe393be64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fornax-castor-saturnology-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48e2d13718c7794049c943f0ed36bebb078dbe4020cdf2819ec9c778bf684e9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in authorize-interface-good-xi-sanitize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d85a36709ba2fdf12ccdbbb3a62be3d509127dd2bf12f9547d0c46a7016f02d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...