MAL-2025-190286 Malicious code in webdriverio-wavefunction-publish-asteroid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dbd476dbd24f90f40965c0167d1e0e9d30a48c5075ce0ffa548800cfeaf17d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189441 Malicious code in semantic-ui-redis-dendrochronology-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8d86fe46479392a59ae1b6014000b1675286c6ae85a50c9f04470b1d5626df6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189235 Malicious code in rigel-helios-phoebe-fermion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24a0da6053cdb72f85fde927e0bdced3be241789ece6e8366cc94bc24e6a0aa1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188279 Malicious code in nightmare-version-levels-mui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31a297fae66d552bead526aba85b7fe7db06f9336bc28adb7ec24729c055c79c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189757 Malicious code in superflare-tectonophysics-less-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb1b8da8dc9f41bfa1ba5e27052994c79ef7554a21aa878b14d2a0e3e5b19562 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187232 Malicious code in grid-mu-cloud-signal-cat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cdea576c0cd2686520489649051a2de7c88148b728550acd1d2f5516422c9f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187110 Malicious code in ganymede-publish-development-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 978c79b7d18ea06f986d6e2fb7985646d5a51af15f00263077e92558383d6c22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187702 Malicious code in koa-vega-zenith-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64a04af2364592a4dbe9304c1583200538072652b566a0c4367ccac8e31b977f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186125 Malicious code in chariklo-areology-changelog-arcturus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ea57974790ac6b25ad20f661e626cd0d461ce58dc78973b65902a16c6c65e33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187124 Malicious code in gatsby-tardigrade-hyperion-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 045b9fbb41e669808e8b242f695e928285d9a881632315fefcd95b7b3149f24b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187024 Malicious code in fork-webpack-kastra-chai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faa08ae10f43fded7688f06c4437636a450b0f4c86bfd008f64545bbd3f8d558 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189224 Malicious code in reveal-md-cosmos-apex-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e367e933db82adf380c201474730be581cbeb3d554deeff671fb4bf308f2788b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189283 Malicious code in root-user-await-validate-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eadca940140bd92565e3b06a732c77498e9eb34e843f9bf2a52c4c46a9edac9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185863 Malicious code in blueshift-kuiperbelt-asteroid-dendrochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6529f5366e3712b3bcecb53700bba7cdc4e0d404e2d5487dc5e3255f0093eef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189732 Malicious code in sun-cold-upsilon-deploy-hash (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21e3fce7be21fdbff197cb712d6763d9e3425bc78c5e5602348c426d97f31711 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189304 Malicious code in sadr-janus-apex-acamar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c59c744fb77a2ce736381b7ec08f3cd0b18a638bc3d4bbd5ef4848fb1e89dde6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189475 Malicious code in shelljs-package-writable-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f60830a143e445f6febb17ec8af079069f1883139d63dfad0461f1d08e9008a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187614 Malicious code in jovian-sass-loader-native-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 225deea9531693f6cbd7d6edd3656452b2959b26fd0b8a748ec2e08d0dbcbb98 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189880 Malicious code in test-book-final-epsilon-char (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 705fa95826e8c9052b49c3e15d57712ea0539ad61c99740eb3298fc3f6319b2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188499 Malicious code in paleobotany-commitlint-config-angular-ultra-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b03612e35e536ee1ee10dcdb5d77fc03f05899841dcbee643769e07617aa5f06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...