MAL-2025-186927 Malicious code in express-cors-dysonswarm-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d813d65a50244ad3649baaef287695f9e5c9fcf145c42566664a40f4d368e4ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186442 Malicious code in cygnus-tool-update-xenos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6dda9b734db336089ca3b7e1b189859e059a4a50e2263aa85436870537b513 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189155 Malicious code in relay-halley-ophiuchus-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb396d85d513ea55033743e3e16569ef6ba440da167e3113d6d3ddce6e2d6372 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189553 Malicious code in soap-comet-adonis-karma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ba309579742e145eec67128cd1726f352994bbc24340da2452433bad6350725 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187689 Malicious code in kinetic-configstore-nuxtjs-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d44184ccb146fc77b323b6e19c51c70a173fe426776802cee54b2452ea63418f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186018 Malicious code in castor-andromeda-izar-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 027b3780e8cb8f474f542e216188b2492653d88f8d778554b45f05cb0c926bee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185948 Malicious code in bunyan-radioastronomy-interstellarmedium-outercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83cc54e68d097377490b89849ea3a8203a0b8b2af36ff8e9b2ab0361325f59df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187728 Malicious code in leda-cassini-dactyl-mongodb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2202684f09a6fade6cdc2675dfccee158706ef464f4837c0be92ef6e5793e07 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189615 Malicious code in spectron-webdriver-commitlint-apollo-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2f9393dc8a7a4eaa19f6f45d6cfee1f7b390f6d38c9d5c9e9a13032f53e195c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189608 Malicious code in spectron-grunt-auth-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6cbd342d4b73f3ab91a46f07b5ec0f8fb7ea8893422949f32cb9b9cae1c1dc1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188708 Malicious code in pino-pretty-radiant-less-loader-galaxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56f26e9ea5896df0ce372833130544656e3589f313b17873c4069dfdc07eab2e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189048 Malicious code in quito-config-lightyear-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2774879e2c0a7ce0d979c45203cd24a0201a338f4a913577244ee6c095d46e02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186329 Malicious code in cosmiconfig-fermiparadox-parsec-forever (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09f948165719318c18a9effd583b6ae532e7c7164c847038d344101a3d955ded This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190386 Malicious code in xerxes-non-blocking-baryon-solarnebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ae2eb9332acb82fd3f4234327e07742b0664e9628b1ba566bae6f2422fb622e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189910 Malicious code in thermochronology-metabolomics-semantic-ui-aquarius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a1243c209c98ea50c04f08cb1b6e855051161fd538e7e33c30d9f5def76b680 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187170 Malicious code in geomorphology-materialize-perturbation-accretion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f950d80fddbff7c9f345af602935a4448041c71c6e3aa0a96f263a4b8a2207f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189611 Malicious code in spectron-neuromorphic-crust-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa98a3d1e0fe9e796ef769e7b0360f419fcdf930fd5fff5885284cbdae3f3824 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187670 Malicious code in karma-update-slidev-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f438df7e0802c318d23f75444f90cde1a604206a0ae49a7dcd2e295be9f2e70c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187180 Malicious code in global-eridanus-yakutsk-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 049486c85c0e3eaa7064b02722bfb18e40ddc060886b0de61d8e5f4aaaa669f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186906 Malicious code in exoplanet-string-bulma-tardigrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3db6d30965032b31e8676816820d7bbeb491cca49937b3702c7436d896a3b8df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...