MAL-2025-186379 Malicious code in cross-env-cross-env-photon-superposition (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb2fb8727e1f7724d5accad4dc8d450ac3e5735b535600cb2fee7ed81e14ac8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189982 Malicious code in transport-babel-dagda-electron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76e1c06bb58ec7b568f529051bd863c23ffa6e9ca7544112284c9f889effd370 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188721 Malicious code in pipe-oortcloud-void-volcanology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 396cae3cf577124eba1d39303feb623fb7e9edec9a55138cb0b465ac4dc20d8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187593 Malicious code in java-simple-void-fork-sudo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a431fd38fe81d86e10d39de2b0de5f9e1d478535958d3b4f6dd4350bb47db014 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190081 Malicious code in update-tethys-query-mensa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c9cdbc0040f0ab2939ef7f69498168277de65baee517b5eb4aca16ce150e5c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187295 Malicious code in hawkingradiation-mensa-dotenv-parse-variables-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58ee4465c470511ca5e9eeddfdda3cbd2e91351b7d6be3534042756782073a5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186787 Malicious code in epsilon-bash-sigma-tree-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52d28814c9273e5485edabd3f7886de05ba4b3bb5991d48da9ab724dcf3baaeb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189520 Malicious code in sirius-react-bootstrap-ignite-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbc6dcd2d217e217d0b5ccb225e7f9e203388db94165fb0a422d99841f2ce048 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189381 Malicious code in scorpius-version-convict-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27986efea5940e143ef52f332a5839f8ce777e19093bd76077e52dcba452c9f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185401 Malicious code in air-epsilon-zeta-key-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3315bade14bc91e0c028f375cddafcc7a08630f221281feff53d52abe8355d54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189111 Malicious code in redis-parsec-fomalhaut-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f6b63091fe63c9c115a258761d34a460d26b24a7a9618ffb80e210f5fa78f46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190306 Malicious code in weywot-wasat-galaxy-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d83b4069b0753c07d3c79bfddcd91d26290f269a708d2f97e47c1fa9605c067 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185972 Malicious code in cache-xml-stub-fire-nu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a2eb0e7fa0e94ac62c34a36f3df12ad663540f26fd5d5989d0e3c8dbfffc90b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185989 Malicious code in callisto-hyperion-dactyl-equinox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94f5fbb4310291c69ae8f62db97f4ea9145c9fcda4341d9b4daa0178186b0d4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186714 Malicious code in element-ui-jabbah-chalk-enceladus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db3f9316015fa5ef848708130ef54aed0cf418b68094a0778716dae464213509 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188577 Malicious code in passport-magnetosphere-sociobiology-ichnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d6a1b5f77b1e31f60a428ea2753d7840a8976284d049afb13d7ce18c39a933f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meteor-betelgeuse-eigenstate-cladistics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f97a2bdd138f7da883f74cc7c6a1ebdc9aac6a3457ba9d28a1b30c92106cdf1d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in integer-tau-chi-alert-gamma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a1cd603c5c21adc708209a0d027df10f306c25f9a5154091584ea043d57fa9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supernova-saturnology-asteroid-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7937459b0c7fbf26e6ce76e53b247007a9cc5cd25f0a634fc670aa4fe393be64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in omega-test-benchmark-validate-resolve (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea4aba24065b552eb02a00ebb3a060d1185891e26c3f60f4a533a8eb264a7b9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...