MAL-2025-189977 Malicious code in transpile-bundle-upsilon-decrypt-secure (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43f3b2cc46e9852ad1e5d13517a2fc8779647fdf4b1bb64c894398cade68b86f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186823 Malicious code in error-alpha-sanitize-sanitize-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c05a938b12a3f015427b82e19d6772e1ff1d896c7088a090df2f14ff244015e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186106 Malicious code in chalk-supercluster-repository-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8308f3d7c65ad1b1cf899c50d43219245550c86abbd2cfe3f0fdc45785ecb881 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188826 Malicious code in private-easy-string-decrypt-meta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ae8f5ebf1c13bf1a1e8aa5ca2740eee87baa6e70ae9e6675a45d077559c16a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188125 Malicious code in morgan-meteor-loop-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70f8ff4fac46120d5c038ff72708bfc1e04ff3b4a1d0997b5a208cd5adfdcf26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189440 Malicious code in semantic-release-webdriver-mocha-holography-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b794ecaca7722f541231d8309e4e5bed08b390b392a6810c0def39ca7ce18f93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185650 Malicious code in auriga-parcel-soap-nashira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbe5b1c35448ad73eef103c3a367ab3cbf211d6af7d8138c9531cad4d079c357 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188729 Malicious code in planckscale-augmentedreality-relay-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5f998a78e0845bead33d6caedda7cd51aea9b95c228d8eccca9940a5fbfef87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190348 Malicious code in xanadu-dotenv-safe-markdownlint-materialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3910fdac95250d53aecadede785513f9beceed180e4330b90a3808d260b82a43 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187551 Malicious code in isostasy-loopback-docusaurus-inflation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 797720d1b8288c7e2626da0beb9bf3b04fce2db05038749d1edb8dae27d74f6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187310 Malicious code in heka-zenobia-pyxis-mui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09de8556f0fb97ba288cede5fef9a3c8b7626453b5d0b52ec242956372d1b5ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cypress-technosignature-solarnebula-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee5b6d2c365fa8597a05437b8cedda2feb5adf1dbce76e271afccd20f7f8e10a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187416 Malicious code in hyperion-prettier-stylelint-sqlite-rehype (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6521de9c655dbd6f20939704f17ffa28a37be1b632cc49a17cba0b908977d84e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186905 Malicious code in exoplanet-scripts-webpack-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30bdc2b9b37921b1329658051abffcd6a5a4c3353ffdf67338e72ac4d419e113 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187197 Malicious code in got-callisto-whitedwarf-gammarayburst (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72a5d6a59b64129c9f1e662025a6ba97e7c31ec48341563d9d572d474073f3d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189746 Malicious code in supercluster-command-betelgeuse-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75c4312f9a8f4944f7302c2d84d8f462d661b5c52a2451094345926045d0e847 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189109 Malicious code in redis-epimetheus-jabbah-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6772a2748dfd8052df353660cdf46ee191aee541abb93639ff7612b651bddb89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190202 Malicious code in vuetify-xanadu-stratigraphy-sedimentology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e45d74c1ef8ffd448ec4e12050350dd998b0f5a6c4214ee0a6602dc038f1e42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188792 Malicious code in postgres-proteomics-markdown-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6860516dce9a9d7e0ede3eb6cdc0557443c2c6fd995d1d86b1226558ffedea50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187413 Malicious code in hyperion-kastra-paleontology-magnetosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2d31eb3cd862886d18136d81f8bb0cf91c2c741c8992f6409480b516a287b79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...