MAL-2025-188921 Malicious code in proxima-thermosphere-weywot-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2244dab451a96c625aa78d793fcb3ba1931ffe5080498587c46c6bbf7f5a3d62 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kernel-visualize-meta-import-transpile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9223446c8456063e02bf6a2c8259e55d37e8b0523946e7d529d719fa47b3a4c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fusion-steganography-tachyon-exobiology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16231dc3a37859ca38718acbee5374328b5cb6a2a4f63bb4577fc051dc2be239 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188026 Malicious code in meteor-jupiter-jupiter-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46c15bb4dde7cb205f506deb37c235142955b3906d8918fa352ab7add70e6e9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188530 Malicious code in paleomagnetism-process-rigel-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 806c222b404c6835419bb2dc3e3292a0bfea544dc0e55b7579ef348d91329803 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185863 Malicious code in blueshift-kuiperbelt-asteroid-dendrochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6529f5366e3712b3bcecb53700bba7cdc4e0d404e2d5487dc5e3255f0093eef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sedna-jest-init-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25e29146ae9ff359dd96b1cd1b095636278686695d62974a2d5867e6a74edcff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sigma-try-deserialize-slow-omega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa134277639263f6619b38cf6bbfcabf6eb3a6b0fcf40df08f3f58df3e53a0ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188092 Malicious code in mock-parse-earth-export-hot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f34794b0828e1a200e5572cca5b219a30310bc6f4495e2634c3ddd92840c50ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriverio-rate-limiter-wormhole-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 546a55ebdbc1b18fed5bbad6be8b757cfe2c4fa0d1f046a9d5deff7b296f6332 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186661 Malicious code in dysonswarm-lacerta-unuk-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1d4ff271822892355055959d5575c07ac632f3836ddd6d8337d4c9f6915e83b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185234 Malicious code in soniec-kat-favr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af7858c82682c285822b8bd8fea2bc14400481b3d649ff1853cbc2ed6d31befe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-181827 Malicious code in avangs-olioms-nolibamayi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac4a5e1cc8e53f27b4ee50de4c015afe45193fc5a85b89d56957b4b15eb81322 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-184315 Malicious code in modiov-kifni-ufavcseqinuban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 113e9ae876b6b3534e3d1de5440858be0fc9df83736c9088ff35defa30f66060 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185118 Malicious code in sonic-kuig-tnaeav (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5383e188e2740f1260f965dfba10c05fdceafaf7e1243aa2a77f0fcd33ff7eae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183151 Malicious code in item-atim-kujaubi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a515105704b364390c847f65133cacfa3f2bcf38b7bf048deb2b0932d07ad753 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183525 Malicious code in loibac-ubg-tuaga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bc2eb1b68aad30fa87532be6e8c04c165d50feac5b23ec40ba305320e68f020 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in anabuyil-inanahu-ninni (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c94829f9c2605c1e2f19534fef07048dd67c9bdb43dd84365b52ea13e9e88413 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-179743 Malicious code in kiut-acg-avefivubufuig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1680841ac6e99f6fc95493fc8662d8377c44a130e23618433f91680a2cd0bb8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-177912 Malicious code in polymer-datdfadsid-dora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2391ff8005197875595bd3f446b394863152251b6b323adc9af31e703cbd32f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...