MAL-2025-186690 Malicious code in eigenstate-spectron-loopback-wormhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0460ccbfd41e51a0714ef69bd00401d3487ca8ab7f70a90e0377723fddd725c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187805 Malicious code in lint-isostasy-altair-less-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bc7c0466ae5d2579ed1cf9986ae80ed2df907eecbcbaf7eb8edffe3b4ea5d0d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189920 Malicious code in thread-link-code-stack-old (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0332ea06ac8e14a11d6373d745a8c9acfba7cf0627fbf54277743d4d2dcd8414 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190205 Malicious code in vulcan-delphinus-protoplanetarydisk-gatsby (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b24d971495291e83f1b4c4e45bbbcca2ecbe2a09313935b9aa7b391db4d8be1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185498 Malicious code in apollo-ceres-package-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 361a97cac0a8ce666550c7ace3fa953bb91e64481b6e65e216965363c50c3fb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187659 Malicious code in kappa-notify-web-encrypt-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4adabf06362cf23d6c3eee9d92b084952fd8949a52f6b30a787608914698c108 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186077 Malicious code in chai-got-pino-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d4038eb99c7a3c61857cd8ea91f7024e5f1510152d4f3c6577ad77a0bfbd3b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189396 Malicious code in secure-eta-throw-index-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6ef07f6a8d07c9ae7049f63ac2d5a0c363e46cfda057c7eb6353624e949ce2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187622 Malicious code in json-apollo-rate-limiter-cross-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4041eaf381f192fe6b5f0fa41e0d62e7c44bdd9c3dca76d45a758c432e541b9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189643 Malicious code in standard-apollo-tardigrade-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40754cfd5d3acd3d0b0766de8c414360da01d745f7dd08b9ca8e853ae6750b6d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186320 Malicious code in cors-warp-farout-testcafe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c13b58f1af8bf82671c841b76a10d8e68246dcd60737603893aef17271bd3c2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188305 Malicious code in node-config-cross-env-event-fomalhaut (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 633ba8b5bb0c1b25a73b775f05ef07535394081a99d38ca2eb989da5e9df22fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187445 Malicious code in impulse-holography-grunt-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9c28c8183009a08a11188523afcf95bf4a90b317d6e72e29db3fb3800beef2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185927 Malicious code in build-farout-cz-conventional-changelog-rocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a87d6cd004178f1af5eab56a798cb59c8922a506b252e26772cc07c1e3876f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186426 Malicious code in css-minimizer-webpack-plugin-vuetify-ichnology-redshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e51432f68b706b7ae7c14c4afd85ef5068b6383f1eb97bea5a751ea91677a542 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187969 Malicious code in meissa-gemini-jupiter-heliophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 089faaaac3c0796dcadd5706ba9d72fecc451884fd1cf61f39081991d2cb04c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186220 Malicious code in comet-perseus-andromeda-terraforming (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48aafdc9143f2f03e019398a2f17e8554586833012e56e2e3ea753d55afc6471 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187759 Malicious code in less-loader-sedna-blaze-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0aed9d31de0bbd2811f97f41f0bf00007a65a06d53fe4bd3a25fd061d296763 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190240 Malicious code in water-catch-cloud-upsilon-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ee923d12f25e195265318063f9ca7aefda531762b20e5da248f7248ff39084f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189024 Malicious code in quark-photon-eris-speleology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3bc318af39702e1bd1c0c1bfdd4e4af1ab27c81c777b6853f7a5acfffbb10e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...