MAL-2025-188225 Malicious code in neptune-node-sass-altair-membrane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad682c7ef1b00daaed7b6861c4172801654dbd52ae27354ba342091db9601ad2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186178 Malicious code in cluster-concurrently-wolf-astrometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a5d90621c5bb537bc01ee7d14ec63f964ea166320b8b97d2deb75307c0650b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187435 Malicious code in import-float-omega-user-eta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68b9d72ef4a5adf2927a1577844ade2d0903be998fe38061cbfa62e1633027df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186274 Malicious code in config-dactyl-foundation-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5de4251893f8cf0b528c2444bc8aef33307f0241ae32247dcc74b1eb4c4353bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186890 Malicious code in exec-proxima-ophiuchus-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b09158f6d460d1b85b22dc0e801b0489afa54a047d31b5575832b9be64e623a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188137 Malicious code in mui-cluster-antares-nucleosynthesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09a79c5eb88dbf060771545f41472a61811c8817947e70dc0fc5cc821841efb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185430 Malicious code in algol-troposphere-bellatrix-oortcloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88490cdb1401356b32291487c355209f19652c109aee91f3a7950f1f3937bc04 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189449 Malicious code in serialize-bash-authenticate-execute-cloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bafd6e5977868e79709452bf04495a7d1495d540bfd749ef73bab2a8aa8c478 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187969 Malicious code in meissa-gemini-jupiter-heliophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 089faaaac3c0796dcadd5706ba9d72fecc451884fd1cf61f39081991d2cb04c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186114 Malicious code in changelog-polaris-dotenv-safe-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c814b7fc8dab99055234c78d4948e54d8ffe37e73c7373184c2033064d60c451 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185746 Malicious code in balance-quick-throw-bash-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0add969aba29a3927363cccce51320086be073ea29a996c0087d9ab4119c23d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187431 Malicious code in import-abstract-nu-private-decrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector affdadf84f419615ba133e23f6466b63aa776121a9fce6149e79486c5bebc230 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187221 Malicious code in greatfilter-lithosphere-isostasy-rocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46f7d248bef693a8fe521be2c4a3d53ecdbed962532c5d5fdff3115cdb68648d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188495 Malicious code in package-uninstall-scorpius-react-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a74311a498dc54021eb8645f2068701b117d54e9b84519e6d9a51fc46143595 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186316 Malicious code in cors-centaurus-electron-builder-galaxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feeccfb1d261c6ca7989d2be6cee1c0b020d5eaa19f8a9d0e008e8d47573304c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189710 Malicious code in subduction-middleware-javascript-supernova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7115b54f7e57043e98fb77619781e6bf25031e1d32deee60dd41e1798635fdb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188912 Malicious code in proxima-farout-react-bootstrap-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8de6d79a1a73dfed48c1efc53d474df34853b6a3b421d85f3fc6e594822232de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190288 Malicious code in webpack-dotenv-safe-avior-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef999ad1a80cec0d0e2ca09865a600eb285869e029c47714d54436be3341dbac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189988 Malicious code in transport-technocracy-geomorphology-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 061f2f2422688244ab4bd302d32df2e932b85bf69b5dd7bd0ed0e5fe08dd862f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187427 Malicious code in ignite-hermes-ophiuchus-semantic-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a46d3fb402931eff7024c48a03204cb67a6ee59f55d17ca893a2a5d4973ec28a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...