MAL-2025-186839 Malicious code in eslint-config-uninstall-mongoose-superflare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4389e7f6cba244996efe78ec18203346fe48ed7af508ed9911925bb724a6fdee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185997 Malicious code in capella-cypress-stream-supernova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c056bd7523c0aa7f57aae01ae6f4600c1fe975aa6052ef4a4e77bee80f16db18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190045 Malicious code in umbriel-gulp-sqlite-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a191c64e27e6c7846f4fb786da99ba6ab75ab274a4df6b2b6334a001d7cd9cbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186286 Malicious code in configstore-mensa-airbnb-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aea25f0555eb5b71193a4d36b243a702294d61ebee8d3a9895e7fa6042639d07 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189817 Malicious code in tau-import-file-bad-byte (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4109c4388178c46ba55b1c77f6875170c704f0586b730e075dec134b695d713d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185703 Malicious code in awk-encode-good-byte-uglify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e4cca71a4491c633a2c7f274e3a868f88632b23381903b5fa7e387991ebc55b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186177 Malicious code in cluster-child-process-remark-hadron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0174842527c29694de08b676a8177ac52e03dab4a1db27c0edc59945ebbb6a8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185411 Malicious code in airbnb-test-betelgeuse-gridsome (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34f8c54d1cf82e48e21e0919c55c28945ae75a22c803ff46452fbae803bdfe1b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188459 Malicious code in optimize-uglify-cluster-string-refactor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9357c297db533d262818f4d94e063b4ca7a1de545294cd6a542cd3cfd595d937 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189989 Malicious code in transport-ursa-spinner-pulsar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5af491f95d646d3d4421bbe34372859a3bc57e2f6d476a3d03eda099aaecb9ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188015 Malicious code in meteor-cache-fomalhaut-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0462fe49c99304144ad4d9f3b517e441c06daad585939395d80b64f71ac5e537 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190367 Malicious code in xenobiology-technocracy-dotenv-safe-brane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38f1940ec494c0d4680f56338f595cc22c7b88792f2adf2e663d5b3246e54920 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190263 Malicious code in webdriver-manager-neptunology-oscillation-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c818da0d4724a5056bdb4220b90d6078bd9764e0642c6f267bb98ecdcc268fd4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188164 Malicious code in mysql-quasar-nodejs-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ebd850e11f96234af50b605f1a2c8caa8de160561576373c59874ee07222b79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189304 Malicious code in sadr-janus-apex-acamar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c59c744fb77a2ce736381b7ec08f3cd0b18a638bc3d4bbd5ef4848fb1e89dde6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187665 Malicious code in kardashevscale-transport-tailwindcss-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26b0785d3bbbab605d01154a1df23d6d8e5b1d3c853b886843f1d794beda9456 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186055 Malicious code in centauri-troposphere-umbriel-decoherence (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffce901f46d32f0a4d9a884e9616143978c7422b11aa4e4a6c562b461995027f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188167 Malicious code in nanotechnology-eventhoriz-iota-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 102b7412ed071b1287c6050f772940693ab260bf2618bad4c6dd653944b1ce44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189682 Malicious code in stream-build-ganymede-corvus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24b83fb6af139dbb9bbd46a83057ddae76e5bac4e17b4d50dc4543a894b03951 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188779 Malicious code in postcss-loader-ganymede-metalsmith-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16d3d14c13f394da725b8d17c124c9aa3305c6a8dff021d59ab3c8fcc8fb610c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...