MAL-2025-190000 Malicious code in triton-proxima-impulse-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb012bc8032df9bf8cc5ab1b784df443d93d149bc076b6fdfb47b22dfbaf7b9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185789 Malicious code in betelgeuse-csrf-aldebaran-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adc4d06a9a2a5838b3cfab17e7d8abdd29e52f75c1327cdb199e805a5a420465 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189404 Malicious code in sed-sed-link-data-root (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ccc8b20dfaf048c261a0380b71cf6a30fbead7edbc4958b753a86208b3b9e4c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188754 Malicious code in plutology-release-it-despina-arcturus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52a749c6fc4371a3c2293723768a233f315f8ed6aed6c686b69a16951edb77c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190329 Malicious code in winston-boson-publish-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5443c2030097f72cca3da1bb12aa17e11ac24d30b75d4b58b456b05ae958239 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185403 Malicious code in air-query-sun-void-debug (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4415629b6f9c34adfd199b9e27c7decd99d107eea9d23f83c216bda3cf37b17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187838 Malicious code in local-jasmine-gammarayburst-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7ca518ad3274ecd8b9b330927a7839396f389f138e82a934647325eb4e447a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188010 Malicious code in metalsmith-xanthus-react-bootstrap-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c249cc1d9495c472c96febcbb4aa5275a3ddc5edcbc067eb482c1e37aa6b7cb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186209 Malicious code in colors-style-loader-bellatrix-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 547d8fda9a648ebadbfa1ec3f1e54327c81673c236c51d0f81f375194dbb596c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185665 Malicious code in auth0-iota-gridsome-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb58f2424f664639c22ae1fffb57918026a703cfd5b8a0238556a9fd7c571095 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185947 Malicious code in bunyan-pegasus-primatology-quantum-computing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44f004c3e5083dc69b6b3d2d97f90a416603cf0b7c30f549b404f4f661464ecb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185382 Malicious code in achernar-ursa-server-testcafe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0d7856e46345ac0a8d4e9a71a876092fdd5bbd9080d350dfe107e611ac8b883 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186742 Malicious code in encrypt-bundle-test-deploy-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcaefcbdd1ffb8c51e8f0e7b02fe563dd40e979c5d81f3dc6babebe9775f54bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187536 Malicious code in iota-framework-umbra-uranology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 567b98367203a0161fae816a98cc7b89570f80bdea0f12cc4757f3a09cdc4950 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187323 Malicious code in helmet-geochronology-rigel-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d371d95824a99bc7c0274912a47abb83388ede4bef9957fd5ccc6581349b5988 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189962 Malicious code in transform-carpo-charon-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9df721a1d001a47a01827b2556b96ff9d55853def17552c84f1c6e05a3172c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188856 Malicious code in promise-dog-link-authorize-boolean (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1611eea74b726b3946a61925ceba39c59029db92f76bdd65a1251f03348d7c2e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189824 Malicious code in taurus-configstore-delphinus-nightmare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bb641a5bd2c178e2edebd041165405025d149fbff5933904010bfd420071e94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188800 Malicious code in prettier-pegasus-version-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07184acbaeb5b745eda222d46eac28e2940e487c1388e93807d25bcb67d72286 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185364 Malicious code in ablation-semantic-ui-readable-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deb999c04b781769ca44990d467de461dd690a88b83be66c974ada6a559b8a19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...