MAL-2025-190123 Malicious code in user-boolean-info-decode-try (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5255d33f074e4f791a5dccd9e6d57315c6fc8883da3342c9b4a0a9ca8c5fb24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189663 Malicious code in static-transpile-sanitize-emulate-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24c91550d3bffecc316a3775d065e70b04e9da99f4f3aecc527ac3a8305f1d63 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189272 Malicious code in rollup-plugin-hugo-library-biotechnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebfcbb6aaa74c1d1e6c43edf9bb28be471d6d94ecc5523308acc2dcc9e68216b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188446 Malicious code in ophiuchus-whitedwarf-sirius-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d1d56c997058613f2deb0d5a6c57b6cb177fec88fcd80aa4621f487887dd2a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186792 Malicious code in epsilon-protected-reject-parse-benchmark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35e2002f19bc3435a3e86a887d2655568e319690d4a9b1e37aedef4be186df3c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188352 Malicious code in nova-chakra-ui-css-loader-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d33fba34563f447f01ce0f666ca1461181b88fe72fddd18a86916eea8ecf8b6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188933 Malicious code in public-auth-hermes-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6acc8648d18302379a6ad78064207515f06962fd2044c6a0312ffef45670b15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185707 Malicious code in awk-node-abstract-interpret-alert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e57b94267f695268b2205969adaa9a5ec8130180999c45d34e32b1a23caa7f70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188329 Malicious code in nodejs-sass-loader-carina-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c38ff8f4ea5bf2c844ec1c897f02f47338bcfb40fdbe2cf01b0b824f0c1c0e06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188108 Malicious code in mongodb-kastra-gridsome-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e827819cb34d09b58770afb4d907c8cfe540dad27e0303f9827fff00ee4bdb82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186196 Malicious code in cold-bad-theta-epsilon-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b66a7b1ab047970e217725296ed95d83978425fefb0d1a3e970d4f2ff9996063 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188787 Malicious code in postgres-asteroid-readable-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fde9ee609c1893f744ce44f7e17918ae0bb056420c1a91a06cf22239e5736047 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188064 Malicious code in miranda-biotechnology-xanadu-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 252ea35406402f4bad38396317c238088ec6afcbe8e5aa922bda36ae0b271afd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188871 Malicious code in prompts-jasmine-wolf-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c4950e6676dcd08c2d832364db96e59567d89ab3b4af075fb7f3fc3b563b84a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186515 Malicious code in deimos-hermes-quantum-venus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da041c19408afda84511c39a5af5b767f425c262366c89f8688965f88b3639d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185848 Malicious code in blazar-markdown-umbriel-filament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5715307270d9f6747af2bfba7d787b5b5cbc5c54df42ae3ac425223d35fba0ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188695 Malicious code in pi-emulate-lambda-alert-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 236bb810d2fe074699de9d6eaf3ef0198b4b49689dc232910649ad3d8f66b4b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186776 Malicious code in envconfig-sociobiology-palynology-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c07d790c19fec614a3fa7fce75301a2098fa1836a6636b282bd014f693c75c8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188747 Malicious code in playwright-wormhole-phylogenetics-inflation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 998a8014614f0315a660ed56446d83ec0dcb914bcbf25832b2ba07ba5e3b4ad9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187934 Malicious code in markdown-pdf-mdx-build-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed5368d721e6688cca2df4ecc49dce2acefe3054c59f7825db20785e9cf725a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...