MAL-2025-186987 Malicious code in firebase-antd-lyra-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ff0f95508bb99164630e8004d61ab7d0dd45527e0abc2390d93f501c262d46b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188281 Malicious code in nightwatch-aldebaran-stratosphere-bionics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec563d816b003e006c14699ca210e0cd8bb8c5d8147fff63a6131a9fed440e13 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188802 Malicious code in prettier-plugin-markdown-exoplanet-saturnology-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5035fc7034177361a11d4b4e27a3fba157faed7231117410427c76e9eb30a1e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186474 Malicious code in dagda-pulsar-redshift-remark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01eb7e5dee33aa92aeb7c166125c8a2a537b2b75814637049b7ce936ca515d24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190138 Malicious code in venus-epimetheus-halley-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5d0ce58004f4853ebd835af1a1ca2e27dcc4bb1b1cb75811f3bfec1c331fb9d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187818 Malicious code in lint-staged-tailwindcss-altair-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf7fde528fcb735413f5b059ae0d9ccce85ff5d01e66637d1759cb7a0dfd4869 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189592 Malicious code in solis-troposphere-slides-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c03d4a07f458509a749319fab250192b4c3408f165b5865649842156cc6e3e02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187113 Malicious code in ganymede-style-loader-xanthus-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36a5f45d9564f44b2db677d8a064664c3950bbf58615506c9507134b1044b3ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187259 Malicious code in hadron-pino-pretty-hermes-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7736f6786b89ecd00050315e30fc0bdf0f69210e399f441ad491be82bcdbf870 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186568 Malicious code in despina-lightyear-yakutsk-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9d11c08b20e05e996c180e2416cba94fd964d29b9e6d37754e2bba18b905e5b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187089 Malicious code in galaxy-xanthus-perseus-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b08463d8094a6585daaff47afc0c7e17fb1cfeac54e21ac5b0da250cfc368e1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185614 Malicious code in async-cressida-umbra-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d16d7f344a284484ee4c9862dd2dd6ac94ea09769be191bef503fb4a7288385f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187663 Malicious code in kardashevscale-despina-outercore-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0de6b9990c28eb85eb681e249c774309fe5af020b547772d4a804dfc7fc3e99c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187192 Malicious code in good-minify-private-container-object (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b032c4996d44ce62c30eba2b2781375d7b3c99daea21c2cbf85535105cb6269 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188050 Malicious code in mini-css-extract-plugin-radiant-axios-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f255926db1be155e2c1e286c83a201f3224cf7e9ccdb856f55b6a9deaade8b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188220 Malicious code in neptune-indus-tachyon-phoenix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4b2a61778d9113e81205e80ada205fd2c12d1861bd343ee5c60d8bb7cfaf266 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188593 Malicious code in pegasus-deneb-iota-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f09829ad648a30448e6909586b77ecb91a7d0c11ed07ed4042c386b13811abfd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189660 Malicious code in static-public-omega-abstract-upsilon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82ac38dd4021854b3cd24d798c971942b5a8610691c7b1bc524209f69ea59fe3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186192 Malicious code in cluster-wind-fork-view-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5047c654c3a5d136a00aaba828d7028a4483a1b72fb55a1d2ffff40fcb45f3ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188627 Malicious code in perseus-lyra-css-minimizer-webpack-plugin-loop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f7d3d9b81812427d006a9d83aedc8ab35ae99c772c8d05c7007ddb3d17c3f8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...