MAL-2025-185584 Malicious code in astro-cors-pulsar-neutrino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59931b01fc60b27e9ad893bc7767e2c241ffa9fd0413df3cddc31dce9fcac8d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190361 Malicious code in xanthus-zenobia-entanglement-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1c87e30b2ade435267565d6e87f20d6053104a597bf4718d9287de3299be865 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187592 Malicious code in java-short-string-java-yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d597eb3065711f0aebd72850a6455f97fec66df5b0b7ebbbf9cd4342dba73aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186526 Malicious code in delphinus-miranda-postcss-loader-chariklo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd0bdf76910544de6f7f52a3893e80a33923959859d77b7bb710fdc4a41378e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in got-nightwatch-despina-react-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7336b107d179e0bff64553a286b8968070d2f42a5453b4c4ffc25c5a3be02ee7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in async-psi-alpha-query-theta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7530cf46aad481c6839f10e0bee406d9caae82ffc06acdedcc54ce75442b73cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-proxima-markdown-geckodriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b213acc5ca9f1760d64992f1e2015034abc38f9c8fa31f4bdd94974225fb7bcd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zeta-cold-notify-fire-easy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77229f2590e999b50f84151be215aed98544f5d472493de435539a1fb1794260 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aquarius-relay-pulsar-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67d6ae11b1b219ec043fde6f59f5ffa676d68e76745da39cdef38ec9ec99813e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in janus-dagda-query-ceres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector afb85b42a5c537dcd9141514d6280fb515d53ef44c3e7801ea47c15aa7a3fa71 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in filament-thuban-global-volcanology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f73f5c55ef7dd797fac9a3ff2fa06aa2cecac5d2db7aa246d25bc7bb936601ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185390 Malicious code in aether-foundation-request-tectonophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffc9fd0a034150e047fd366ef04b684968fb67604112d8700999a30a191a84c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188927 Malicious code in proxy-meta-pi-theta-bad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d262f7cb74cbc02a73246c1079e373c3cf5e367f400f9dcfb0c987786b01dc3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185405 Malicious code in airbnb-ariel-spectroscopy-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b19845f065d4c024064f3ec180048657e93ef017b2ffdb1aac5409b028db8f1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188828 Malicious code in private-husky-mensa-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3f73ec9c49d224ee7cbf6837dec4abf5ce1ca29d78e986a3c716b2676641eb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188653 Malicious code in phenomic-got-norma-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51a9d6a0685ce9363d32e79a51120d0b4ca86288e24249fa2720d35d762a0c53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188217 Malicious code in neptune-framework-cors-ora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3763b4aa9bd783df85d8f4890b25b52808b5ec0cc2cb74e17ff14ffe37444e3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186160 Malicious code in class-kernel-lambda-void-try (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f07d1b6f4250bc7debfa02f88d961108d6e01a100297ae64122870d4c9302a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186953 Malicious code in fermiparadox-graviton-brane-membrane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9262fc1c11bb2ad7e0e11f6605fc6d66a164fa4c863661fdfee73f4776ba5f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189425 Malicious code in seismology-jabbah-exosphere-mini-css-extract-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c45e15fb1d80e15c00756ba9c83738595f758665d0520bb6e276352be59c01b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...