MAL-2025-187282 Malicious code in hash-char-new-alert-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 157e9621c61fae908d1e7be8b87a7307a60fae9033b01116533f0b50fe64262d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185725 Malicious code in backend-crust-cordelia-markdown-pdf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9abfdf4b11861c28b5f846e1b02a001c90a9a855d5563ce213d97013e6a36817 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in proxy-meta-pi-theta-bad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d262f7cb74cbc02a73246c1079e373c3cf5e367f400f9dcfb0c987786b01dc3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188945 Malicious code in publish-alphard-convict-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b33c2a363ef96b131f8808426949e15ed28221d6374dc4b5c021fcd973e62636 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185974 Malicious code in callback-elara-hadron-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c5e131353d5f6106fa2496e00f7ad443ad3e792fa0a1d9faf3e536b245446df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189918 Malicious code in thread-compile-parse-decrypt-air (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a7146ef933c1aa178443b1e6366208057596a2447d96deb31dc0f893f501187 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189215 Malicious code in rest-paleomagnetism-eris-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e0bc402668138cfaf7a98c94602606b2e89444223aeb567e96a42bef52c285b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188688 Malicious code in photon-sedna-hugo-palynology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 691a529c360565b158507994620e6f1f9da55fab5873d69b8bacdc29bc0b557f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187190 Malicious code in good-chi-nu-info-hash (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f42b6bf2a01b6334b369bee120683abc5377dbaa3c0215c6a61aa6e01154bdbb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187135 Malicious code in gemini-dactyl-archaeogenetics-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 024021df6c02db9e21ee90ac2aa96821f37266ff503afc54cb6f404fd6724214 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189613 Malicious code in spectron-ursa-yonder-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11e8934f9f8a84c3ea9257ecf86439131845b5e98b2fb112a7de097e28279bb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185875 Malicious code in book-web-deploy-object-byte (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e707ee8e6a7b157de7f049f46c37a2f9de5d01555279c9b19fe13e51bff46327 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188638 Malicious code in perturbation-blaze-singularity-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71d94ee357e591d02062c95c64888251cbd977c18af9279759332c2d7380f162 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186446 Malicious code in cypress-cosmiconfig-dotenv-safe-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fce32655c7728a7fa545451955f37976f28b6a389d3c9b3998f1c6a0a5ae7ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188235 Malicious code in neptunology-gravity-start-interferometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8e13aeeedf63928df41a9d4049871f5d598588d838eb4f63aa053aa0c350a1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188061 Malicious code in mira-pino-impulse-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97a1147eb997379acf6a6c10728cc952cf4d610b234389989f89effcc5486ffd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187850 Malicious code in loglevel-hyperion-bootstrap-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3637624f4dc1c51c25b26e76227b5d808fd156ab28fec3f880fab3b549f18a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186521 Malicious code in deimos-selenium-local-futurology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6f424dc2a28a52ab4ef16b63d54d791c1396788aad790e5eac576cce256f93d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190288 Malicious code in webpack-dotenv-safe-avior-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef999ad1a80cec0d0e2ca09865a600eb285869e029c47714d54436be3341dbac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187315 Malicious code in helios-cressida-biogeochemistry-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0768619dd13d60c867707b16965714e491fc15a027c1e3dec26fee22674eabd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...