MAL-2025-188339 Malicious code in non-blocking-luna-axios-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e90d96a5087b0d86ea97cb4b2dd3fb37497ff4b0f4a61dc835ba9fba5a1215d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187757 Malicious code in less-loader-react-bootstrap-cosmicray-spectroscopy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34b22a3237ae7e67de2b1fded90e8aad83a6fa3a88ed44ce7d4329367a38aa5d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187002 Malicious code in float-rain-finally-yaml-air (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9e8dd6638a0a74e6001d7a9336737e6f0567173b451b5a897e4d9c0acb68406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187110 Malicious code in ganymede-publish-development-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 978c79b7d18ea06f986d6e2fb7985646d5a51af15f00263077e92558383d6c22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186500 Malicious code in decode-export-data-cold-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd9b26936a91296c9761c1dc1f244b37d89f7f0d0479753627dfb42acc4420af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185396 Malicious code in aether-radiometric-sedna-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7134d489c8a851a58b9529605d85a949d662e70a8a5b193333fd2b342b9db97b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189964 Malicious code in transform-ethology-weywot-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6827172d705088dbbceab6e5d571e982778c40522594d4b1769be2151dd4821 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187471 Malicious code in ini-koa-adonis-astrometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 814dda9fc098a95449685bf70ed597eaf7718a69688a6739317f7af0058ac94c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187325 Malicious code in helmet-pegasus-non-blocking-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14468cf08644b774f382415ed7ea9da2eca47006b532d6e5389e4ad5a9f45130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185927 Malicious code in build-farout-cz-conventional-changelog-rocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a87d6cd004178f1af5eab56a798cb59c8922a506b252e26772cc07c1e3876f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187105 Malicious code in ganymede-meteor-equinox-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf6caf727d2ca931162dc42199e8135f7c9bc25580dc02019ae90f6876bc9655 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189615 Malicious code in spectron-webdriver-commitlint-apollo-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2f9393dc8a7a4eaa19f6f45d6cfee1f7b390f6d38c9d5c9e9a13032f53e195c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189394 Malicious code in secure-big-user-unix-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58302a7110a1c0f90f3bedc311dc5eeda947f3da8ac2e2e1dd37e19aa2b0347e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186241 Malicious code in commitizen-markdown-luminescence-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6e29190f0991b5c48b8aa19bbf70fe09d82cb90699736789a0239e3a6035555 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186026 Malicious code in castor-warp-asthenosphere-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35d58ff15ea2ebbd7c4324613137ba93e2574de45eda32618575677a0d8de300 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187271 Malicious code in halley-subduction-zephyr-paleoclimatology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be6a4751fde16eaa87009873625b6b28179216a0bde52389669c39c7f0ee0d36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186453 Malicious code in cz-conventional-changelog-blitz-steganography-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 730ff285678049eb66e80db3988bb6718e03f59c281d112d5768eb338419befa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189420 Malicious code in sedna-shelljs-tailwindcss-photon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a5705ab9dcb1d6154f909da22e40f7e97327537bc2e24903cc8ad7a9269aaa1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188997 Malicious code in quantum-computing-less-loader-mensa-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eefb4c011996c06f58eda7e1840993e823cf3eddca4bdc92a366643fbc9da57c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189034 Malicious code in quasar-robotics-soap-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf869e7625d64431a49efb119397803362e8d03292cfed0a621e19d3d58e102a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...