MAL-2025-189846 Malicious code in tectonophysics-farout-cordelia-darkenergy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4bf5bcf2afab2b331136836c91d71ee1f886593553e406a307a1708222d4af10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188114 Malicious code in mongoose-electron-bunyan-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09ed494efd702fa86dbb4eb80c161c3843775d08315479692bccbcbd4c8864b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188160 Malicious code in mysql-fork-pavo-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 238d311463f574170c5184cf88b55be3f9775159d52d35ba3b1353ef03901c60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185983 Malicious code in callback-xanthus-astrochemistry-quantum-computing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e74905ae15aeed1f45edc675826a313007486a970d1f7ff6229b2fcc6ec21d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186618 Malicious code in dotenv-parse-variables-init-child-process-genomics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98640b4344bddcf7df3cfc9d3664fa0d315971b9d3d25520d63786b5a4be8e0c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186370 Malicious code in cressida-prettier-plugin-markdown-pulsar-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b47904204a0330a6ee88de485827845d0e3e0d640f5d1de7eda6c95644ce085d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187261 Malicious code in hadron-vuetify-astrophysics-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a023aa918b6df89cf02b3fb9cbff1e261dbb97330b127160a907246a48e94bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187577 Malicious code in janus-petrology-sedimentology-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1954de2e091aabacbe5fefaabe6ea1065d082307bf2e67684ab0624e168e5726 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185685 Malicious code in avior-ganymede-backend-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a4711152c4083ccdb19747bdc390909e2dd6d6c64e5f7d82894ecc60e1fad7e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187167 Malicious code in geomorphology-astrochemistry-alphard-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 206b849dc5689a7e5c43f5c73d619dc09d9bd8248ad29e5e4a9c7beb15c96102 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190463 Malicious code in zephyr-ganymede-fomalhaut-hercules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 400d2c278a0302d618f65ae002e9c82387d30f08742bf4fd5af0b01c9082a40f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189116 Malicious code in redshift-sagitta-geodynamo-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49684d2254b23b90d0b51b5811cfe71ac5584f0a16d1e85b69e4a0c3b4b84dae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189341 Malicious code in sandbox-long-compress-book-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ee676fdf4a328f91380e094f39eeda1184a866c32f09c81103c42cf748fb558 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187044 Malicious code in framework-bellatrix-await-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d9df861b47c98b33c486f725c68c2f4aa0a6bd786a502e39eb00f5c48648914 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190305 Malicious code in weywot-tool-eslint-config-dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de32a7540b8c3b3d21739c05102b00d5a46e140039e3c22f2265e6addf4f43d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186559 Malicious code in deploy-awk-user-psi-mu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85974b235976ec2159baa382d8cac5043c2dfa29505a618c566d90e5a64e62a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186545 Malicious code in deneb-halley-astrochemistry-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ed81af0ec82031a87acb687e0ae8eadd6ae8788bd4fc99fecdcb2690067df54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185593 Malicious code in astrobiology-sedna-archaeogenetics-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3df4d0495e148fbcdcc1cda0675903dbfcb6d71102f2cf4a590110f50a21230d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188244 Malicious code in neuromorphic-nextjs-phenomic-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b223674405d5baf29428d173f297342b253c408e45a652429824e52c02bf2d83 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186998 Malicious code in flare-sirius-parallax-cross-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3a8559b0ef5d85b4d90c0f847ff6cee668e1afda6de3249cf424af6575f3a52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...