MAL-2025-190403 Malicious code in xo-csrf-radiant-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94c1bd2a4a7e5e0d89c6e97c3243f89b4b6801a28f85c0a3bb946840fa5efd60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186887 Malicious code in exec-local-mongoose-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b872afd1ac291d4ad9a6557070b1a111c63c386c84d16d9637c174bb6e04f49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186993 Malicious code in firebase-selenology-blitz-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ba84248994554254847bbbe7d4d7c2dffadaba57bdad95b53540b7220944baa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189173 Malicious code in remark-dorado-coronalmassejection-aldebaran (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c257d759eba4d91017038da2f152a2aa335339afacb98736807437b419377fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187078 Malicious code in futurology-taurus-celeste-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1045d491631ce511cf53559c44f9ae0829ae32107f0174344aac337df169767a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187180 Malicious code in global-eridanus-yakutsk-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 049486c85c0e3eaa7064b02722bfb18e40ddc060886b0de61d8e5f4aaaa669f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185784 Malicious code in beta-orchestrate-slow-void-table (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b227205aa0a92d0a25b8f20a2541e47d8cbbac034ff4a92b57769c69b8e6f11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189315 Malicious code in sagitta-jest-orbit-dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97d53a4bd4227f567dec059a9f2b201e3dfe39d01c0295bb6b17cd914e8e4d7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187550 Malicious code in isostasy-ganymede-archaeogenetics-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e72a040292a691c04c12c28505f0378f69205785bee641e65a94f8f7df242d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186938 Malicious code in farout-enceladus-magellan-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f03292d746272f6367ea408c0c0087fee9c3da9085941219a55a63bf3705e7e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185668 Malicious code in auth0-stratigraphy-ursa-cordelia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11a88a92b26c3c4dc2b4c25959fb6dad8e7465407b50ab1c45e96b9a750a3f00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189941 Malicious code in titan-luna-luna-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98d1efe8a02e5a0cf5767bf942f74baa1ba82ff3d393560c1d4740ba7a5bc1b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185904 Malicious code in boson-module-subscription-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b125db232d506bacfed4f1c5a620f3576c9251eeb7e82fe2ab4fc0f609df2ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190357 Malicious code in xanthus-got-telesto-accretion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bbac9defc7fbf4c08b122aec88f87e0ce104ee49d981074fef3a67e0b98cef9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189698 Malicious code in string-index-dog-abstract-simple (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0af2d6d92154eb01c8b45b503a35405d1411364034f103800c56b39d2cb0a2d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189058 Malicious code in radiant-on-oscillation-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17ca9d06180b7ce0f8167aa6796479c6ce559c18461c3ecc78a266ab88af199d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186968 Malicious code in figures-middleware-proxima-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cbf4552596ae5fa6dd65d248b8c6308deae5517bbecc016d04d16fde823a4e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185541 Malicious code in arcturus-centauri-iota-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b062fbcc4e77a805c34328bb8e4095c779c20a7fe585cf258b619b7029d33cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187097 Malicious code in gammarayburst-remark-boson-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 189eb1d8deef0058a6d5b3ebe8e29eea889830c8792bb5de6f7daaefece15c2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189339 Malicious code in sandbox-interface-async-awk-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d605d85b24fa0acd2475a66a7a1eba0ee7f360ee3d825df216f0136d6f853d35 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...