MAL-2025-189609 Malicious code in spectron-markdown-avior-auth0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cda5fccf9c493a775930450c26b7389eb9ec4a139fc1f065b0c0e777ab3772d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185457 Malicious code in andromeda-webpack-nodejs-sadr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1d388bde9d4e260b9a344967865578a95635996ada4aee337f32116385eb627 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186178 Malicious code in cluster-concurrently-wolf-astrometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a5d90621c5bb537bc01ee7d14ec63f964ea166320b8b97d2deb75307c0650b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189471 Malicious code in shell-omicron-dog-bash-simple (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9773541d5d024eb6ba320252005f48715f06580b91dc6b9da8e16df177b7266 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187983 Malicious code in mensa-subscription-antares-csv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d55c01e441ccf96182c4b8b99c8df823b928bf5f93c08e93de762a8921a7643 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189939 Malicious code in titan-iota-carina-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae54b5aeb01b3b85dda4f78f0dacbe1fafb98fef139ef198836d50da8dbcd7f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189045 Malicious code in quick-orchestrate-resolve-cat-tau (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c130e7f99154df61e98fc63369bd577376f29013630b84141f7847d9170c09f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188980 Malicious code in puppeteer-geckodriver-redshift-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13eee7e60a6dfa0e4c6b1091d856e3478c1e254bac890f6a2f95ebf2ccb71ea6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190345 Malicious code in wormhole-passport-norma-gravitationalwave (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83cbcbb4ec803511eef9b4bcd4ae8c312cea6bbd76fce98f3301f4509618457c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186280 Malicious code in config-regulus-auth-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602504708c1fa23065534bfce58fb93eb8c0713426b28a6b5331ac55f1425922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185404 Malicious code in airbnb-arcturus-enif-kastra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f91b89bbe011b4d3b3e04dbd89e0385e56a2d993d744a9408364b5c392d2b6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186552 Malicious code in deneb-terser-webpack-plugin-lightyear-enceladus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a910f12a93912cafcd341ae149ac82c7f49fcb236b79a4164a070f32aa8ef5df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186250 Malicious code in commitlint-config-angular-hercules-express-yonder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ddef34412e83c0fbe8a9644690f235972b287dd6c6f27c8589726648b3334e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186835 Malicious code in eslint-config-jovian-middleware-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a08e1a70125c98d783c4675a920d9eefc7bf5a6891ae90b0e858fd9a3a898c82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188264 Malicious code in nextjs-html-webpack-plugin-express-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3221eb423eac0b572d326e1984f49231a18c9d5791b59c0f4a62fa33add06e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187198 Malicious code in got-cosmicweb-canopus-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b583c4c57856c012b65646066ece5cffd3db1a2c3206c475e5c74ad3d81bd04 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189557 Malicious code in soap-odin-config-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c5fb11eb83b83b17a16cb7ae6c6f075d0c88452e612dcd5a1b07ea5cc8eab15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189780 Malicious code in supervisor-cosmology-element-ui-rigel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28afc8ae3541e417d775a5aab2fce980182eef544c720dae8a7ae1c4453d5437 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185770 Malicious code in bellatrix-odin-redis-commitlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abb2c6e623c7d9e32f8ec2d22c12a773727da425828e927da38a134bd8f8e17f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in darkmatter-exosphere-exoplanetology-yakutsk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66fd91944b979138e05bf2487dcd84925f2788baa8346eb2c5452959746d963a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...