MAL-2025-187486 Malicious code in innercore-yildun-blaze-robotics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c6a67c1532daa0289287aa51f609d0b21a44bca1e258d173afd670f7b9aede7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185384 Malicious code in adonis-child-process-pegasus-repository (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3209c8b1de00a411a153a4f8dbe6ad93c7dd53375702b75897914da7bd3baf36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186408 Malicious code in csrf-carina-technocracy-areology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9db0c04510fbe25f05f94fe0f96db201917b1ce0b47d780dffe69d15e1a1201f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in async-public-eslint-plugin-loop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8260827b01d06f49fa980d26d357da964681809e032e0c1e4ea86afb5a6ad66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179244

Malicious code in draco-cygnus-repository-aurora npm...

EUVD-2025-180298

Malicious code in astrobiology-flare-repository-cluster npm...

Malicious code in vuepress-toml-magellan-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d73486af759f7bf45f85de2534aee0ca48048d4c03aafacd5b532d679496ef3e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178463

Malicious code in ichnology-archaeogenetics-repository-dione npm...

EUVD-2025-180236

Malicious code in auriga-uglify-js-repository-thuban npm...

EUVD-2025-178661

Malicious code in greatfilter-lithosphere-isostasy-rocket npm...

EUVD-2025-178674

Malicious code in gravitationalwave-transhumanism-repository-cors npm...

EUVD-2025-177671

Malicious code in neptune-async-karma-repository npm...

EUVD-2025-176906

Malicious code in pulsar-exoplanetology-archaeoastronomy-repository npm...

EUVD-2025-176687

Malicious code in repository-reveal-md-multiverse-quasar npm...

EUVD-2025-179730

Malicious code in chromedriver-spica-repository-epigenetics npm...

Malicious code in mdx-coronalmassejection-tardigrade-paleobotany (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 492b299ded7916b85e77ebb5ca4a8466e7e4e23589a665e40592fcb3cbcd626b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187206 Malicious code in graphql-nightmare-css-loader-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 827a1eab8ee4f7a8518854247fd592f6a76ba721ba6900d144ce9f687b27a255 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187947 Malicious code in materialize-repository-dione-aquarius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b82c43f714b10f67dce4baed55a1a1ee8189351c594660d8c8ccd7e9f6990d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179776

Malicious code in chalk-supercluster-repository-morgan npm...

Malicious code in adonis-child-process-pegasus-repository (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3209c8b1de00a411a153a4f8dbe6ad93c7dd53375702b75897914da7bd3baf36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...