MAL-2025-190426 Malicious code in yaml-iota-jasmine-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8425bb6b7f07910bd25a68dfefcdb32430f54afe0d64a10bd237cf2ec705796 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190456 Malicious code in zenobia-sirius-paleoclimatology-enceladus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 589c6cde9bd310194e1d28c17c9a76b68d2af512820dc8f14c3bf6068c946525 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186515 Malicious code in deimos-hermes-quantum-venus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da041c19408afda84511c39a5af5b767f425c262366c89f8688965f88b3639d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189099 Malicious code in redgiant-callisto-altair-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c52623704e8e59183b20b689afbfb07d866c14348d1b2354d955944d41d54d68 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188352 Malicious code in nova-chakra-ui-css-loader-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d33fba34563f447f01ce0f666ca1461181b88fe72fddd18a86916eea8ecf8b6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187943 Malicious code in materialize-framework-electron-builder-enceladus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2a40e282cec551d107ae4fd4f279bb9af587898b119a66cfbc3a478e8c8172b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186208 Malicious code in colors-rigel-bellatrix-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c137eaed40b31b6152069e498b6ba1512a5e4a72eca57a6d5eaed47da47afb55 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188382 Malicious code in oberon-semantic-ui-cors-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c28c0cb99b1a0072d0e0ac939382a4f4cbaa603451cb9ccda34510947726772 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186184 Malicious code in cluster-sanitize-resolve-omega-encrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcceef72f7076040ad3f53d861981ebd1e83dc7bf7e6c4bbd7c584c0c40e5a6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189741 Malicious code in superagent-planckscale-prettier-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fca005387f6cae31e007b8f9b1d5e146cfcca77b5b5758630e77c134eed57fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186582 Malicious code in development-warp-geoarchaeology-odin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c840035c07923c4175839d47e43684ea33f6cefb2879b9b69bc767d9eb50c71 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186531 Malicious code in delphinus-vuepress-antares-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dcf0668bcdb957f83f8e10040b7ab393c0cb92bdc061a5e437566c48e7481c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187724 Malicious code in lambda-cloud-class-public-meta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c78c338525215779ed96ce7fa13875e8ac455bcf60b08cca5fca74fe837e685f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188640 Malicious code in perturbation-coronalmassejection-terser-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eab3af769d7114c72118e1335e26d4d061cc1c56c6a96424a5deb5bc7269a839 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187788 Malicious code in link-cat-fork-char-easy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c5ab55b4c3e29acb931e3d95408acd0a439484161dee1fdef22b993a7942071 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189644 Malicious code in standard-barnard-quark-yildun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfbd258c142b9ebcf8b870396a7d74e39478ce8b2493de8dba369ed190dab838 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186640 Malicious code in draco-hermes-betelgeuse-auth0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e3e9fa277eb2731d2e5d6b112e3c7dc4fcd0328ded4825757ce1929bf1fad88 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186821 Malicious code in eris-umbra-dotenv-scorpius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dbf7714f75abefdecf0f36cce8d8391b67049c271697d541efac035b1b66ae5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185476 Malicious code in antares-terser-regulus-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74c661c89405ec93ba721141d9f8248bb6122224fa99b0f559847f0fed24d07a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186998 Malicious code in flare-sirius-parallax-cross-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3a8559b0ef5d85b4d90c0f847ff6cee668e1afda6de3249cf424af6575f3a52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...