MAL-2025-189475 Malicious code in shelljs-package-writable-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f60830a143e445f6febb17ec8af079069f1883139d63dfad0461f1d08e9008a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187614 Malicious code in jovian-sass-loader-native-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 225deea9531693f6cbd7d6edd3656452b2959b26fd0b8a748ec2e08d0dbcbb98 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189880 Malicious code in test-book-final-epsilon-char (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 705fa95826e8c9052b49c3e15d57712ea0539ad61c99740eb3298fc3f6319b2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189096 Malicious code in readable-holography-buffer-odin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d383994bcfc1920bdeb6c04e589f3d6540567ed0a712462a7b20166940e06e7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188499 Malicious code in paleobotany-commitlint-config-angular-ultra-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b03612e35e536ee1ee10dcdb5d77fc03f05899841dcbee643769e07617aa5f06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186262 Malicious code in compress-async-rho-boolean-assert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b47a72962d3c729d5d4253ec9d28d30df0480c577add110900f74126b32e3a6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186013 Malicious code in cassini-html-webpack-plugin-loglevel-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c9033f1763d5ba00b031a7c88ae9daa1fa6d813e089bdadca8c7150998d3917 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187304 Malicious code in heka-centaurus-nodemon-hydrogeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bf4c5450abbd3567bd61e8f6a80976123a5fa4f46e632979d964711833faa7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187759 Malicious code in less-loader-sedna-blaze-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0aed9d31de0bbd2811f97f41f0bf00007a65a06d53fe4bd3a25fd061d296763 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185530 Malicious code in archaeogenetics-xenos-telesto-tectonophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27da6b5fd36366bdf4dc7b0f00159a6daba029c6322eae8913d87161aaa6a6b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189265 Malicious code in rocket-vortex-nebula-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cb509f13958f7a7b72ce609e2825f1e19061e7b2d65cce6416a6e965c065359 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188670 Malicious code in phoebe-cosmicweb-meteor-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fb63d19ba7cfb57e738cd006c9c4288fd17ceaa3b39d6a4fea1b3b1562678cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186116 Malicious code in changelog-supernova-mantle-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 844592857cf1504ef3536f2432dae588d5e95ab434bd5b4110f4a8efaf49d154 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186059 Malicious code in centaurus-biohacking-mongoose-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d482681a1746eaaa1bbde7130dfb8ec74d55c296d84140f66286c3dcaea82c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186218 Malicious code in comet-oauth-airbnb-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d9fb8279f61223224e9fbdc329b569ad93d0e71610a041f12d1cb85156c9a10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190371 Malicious code in xenon-ganymede-got-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd3cdb5311de65ffd938d7edee63411d617e2a115eb667ee052b558090a5c0de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189731 Malicious code in sun-bad-assert-secure-protected (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d895d4b0345e91c1f17b7dcbc0cb8bd298eccd311b392650ae6fc5dc7c9258d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188226 Malicious code in neptune-redshift-semantic-release-xml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc439e829e757752b4ff8b2dbe8582cddd0435d867d34393544d740548b33caf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188122 Malicious code in moon-small-nu-rain-static (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fcf2a1dc5076c624ca43163bb493e90fd98998b7c3805d3aa5c9f1f5817c3db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188162 Malicious code in mysql-joviology-eslint-config-exoplanetology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 643bafbeb2dfc79283955d0c21bab2fd71901ce97f885b0030161154a433103a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...