MAL-2025-185736 Malicious code in bad-key-short-sudo-resolve (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d95126115936cadcb064f8ebc6d168464fb327bc7d45149cd0e410f044d9352b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187389 Malicious code in hugo-wavefunction-dotenv-parse-variables-parallax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ecf14a07cd348f4aef4bf71dd063f333aee890c7b9fffa4af049cac1d997ef9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190207 Malicious code in vulcan-quasar-prettier-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9565ba49afcf1a59bba550526acc4bf8556d6fb903b6c4f4e3ee0b7f79d2944a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186174 Malicious code in cloud-star-parse-fork-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8952f1c640e356dec0fbec116b2f433817d877347505c728b5161b584a49ef99 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187643 Malicious code in justmeteai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a657be46902cfbdda2c87ecc2d13b7cef85502101b60cdb8b3997d29af6ce188 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189281 Malicious code in root-resolve-wind-stub-interface (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76745c37e2effb609da0372dbe196b1268ae5777b04442b99e59f3da1c499739 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186766 Malicious code in enum-new-encode-tree-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce3f7f2e99936ca73aba345579c67f7c9562105e8768b4e88a8d8ed143498917 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187722 Malicious code in lacerta-style-loader-mini-css-extract-plugin-less (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 222914e44e98bf610164e7ab4d3b3240a1bf355716c59e8661864f5d3de0ffc6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185619 Malicious code in async-graviton-webdriverio-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adbeaeed465424e52a3a1c461e253d7aa23522c4d71e215bf651ce7fc5cf5a79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190221 Malicious code in warp-elara-leda-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bba8246c9cb10c6c1adb2dad15906b9bbbf45d2841b4b415083c739160e1e80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188383 Malicious code in object-authorize-array-cluster-encrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34246e08ce2b9bcabd787f7abb0f7a897edd5a188bd93a724061606b70cee008 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189047 Malicious code in quick-validate-transpile-cluster-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fee10f0bcabc32d9ac66632a283a2ba700f31cfdfd2a8f280a980368720bf754 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188147 Malicious code in multiverse-pavo-dependencies-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5bb86e4fc7d6abeeb8acfe3062856a25e160c76e9ab903a8caa83445b6660ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188088 Malicious code in mocha-eventhoriz-wavefunction-redshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b8cd1e689ea6014f0053ba750d4bb5a9fa76248e369191d70c4f40b64ecc59b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188090 Malicious code in mocha-solis-zenobia-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 791a6cec3f182c161aa66f92139996d04af8b3bb22be7b7996080517a5e39e5d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186122 Malicious code in char-double-load-notify-gamma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71d12118971bd0678f5c5ee873fddbd6b6642589f8c817d45309c0210b7bfdef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188174 Malicious code in native-blackhole-parcel-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a471cc517289478a545c2d4f578f4a0270138b69edff1c911bc1f622c60c9c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189045 Malicious code in quick-orchestrate-resolve-cat-tau (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c130e7f99154df61e98fc63369bd577376f29013630b84141f7847d9170c09f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186537 Malicious code in dendrochronology-colors-cosmos-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5c58b497bfa810639e7f04a95d1dfdce0066084759d6a3d71419afa81f4dd6c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189302 Malicious code in sadr-cosmicsilence-paleoclimatology-despina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab6e28b764f010592962db4d96f68cc9d1486f9d875274459745f1bf160ea2bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...