MAL-2025-187980 Malicious code in mensa-koa-castor-typeorm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75c11e9097d5c00ae335a975d0bd038394411ebb396691bf1af493adad32a9d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186127 Malicious code in chariklo-dysonswarm-yildun-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa477cd6897766c398cd57a2aea2b1d6fd733eff39b5ff57980aab03eac32282 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189042 Malicious code in query-sed-hash-mu-link (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5e5ff46385a6c398888d0e98adb6298c90d848a3297da7da247fba314dd47ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189535 Malicious code in slidev-levels-install-jasmine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09ab6a6244fda69cb617aec284412593aaf95900f028ed41c9805a71c843f185 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185888 Malicious code in bootstrap-forever-uranology-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2670113820a8f2a2c46158eeea3fbec418026540f0e9939b1e4f110363f9c9c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186541 Malicious code in dendrochronology-pm2-chromedriver-orogeny (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87475fe3d358aa6c921d2001533db20b1270f65e34ccabe2e8b3f381d6cdbcc2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187162 Malicious code in geodynamo-draco-cache-thermochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faf8bc17f4419109058b137dbb7f9cfea702b6352c942c830cee9294fde9f0f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189035 Malicious code in quasarjet-cluster-ionosphere-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0335cb0d12622e1f9f0076cdcad521feb0e990280876f4d6ac17052fb3f76185 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186555 Malicious code in dependencies-galaxy-install-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5276469197c6221f8948ff69ebe656dae79f34980fb1e4e95a39c2df8634cb7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186069 Malicious code in centaurus-triton-library-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 508d04582683b1a2b69f84330b530a99d086493e9e8e58e18c5c504817462a69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187492 Malicious code in inquirer-technosignature-slidev-sagitta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a80471215de05dc5eb8727a26889d075b75a02f35290f888d2beb43d04a1dc99 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mock-easy-tree-long-cloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 024026dd3f4783206bcee83b487c028a5422ea2faae10edb1bb7f221102dee15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in public-eclipse-wavefunction-entanglement (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ced94b4a1f127cb891036fa56d9ebde3bdfaf8aaab19aa745eef548a9208c41d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in decrypt-import-info-optimize-authorize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a59d67888e31511b979568f205c52f652170fa14821b80328addca5fbf3deb9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in comet-areology-exobiology-perturbation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac451f944be29580351eac0dccac375a279a8129179ac8cdb869585117c5f018 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in despina-cluster-asteroid-wormhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f439fbc8184c33b4d3fcb4697058f662ff06229dcae196ce2b304f9a2e7d22cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yaml-phoenix-sequelize-redshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector befdc31dfbf21824f96fd7dfd16ca443ed7f64f6ae4ef4f86e1d0dd0c1c6c5fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in on-eigenstate-eslint-plugin-axios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61020121bb5fefbd87e738daaa5fa258f3218c907118b301862e4333a537ef1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in browserify-seismology-vega-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b178840b82a5b2a19a72b4c9d23538f165376341cdb7cafb4139a16d6502add This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wolf-baryon-pino-phenomic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c5c26b4bbddebc8e36586c62ff40c2aa982515ba61ec3a07619de7e7851a02d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...