MAL-2025-185874 Malicious code in book-sanitize-cat-cold-class (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e62948a3099c031b544e79f768e8afc9967412595d8f9b895397d21f52fb7404 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189365 Malicious code in saturnology-titan-solis-astrometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ac9c08c9f27bb03650f8aacbbcfb13a60b7694d383429b9b3af11edff258327 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186261 Malicious code in compile-xi-small-star-decompress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4093c99a795c5f49e5a473608bf2cc7fec08c50ea65fd9dfe7bb1d5937deefe5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189548 Malicious code in small-route-assert-compile-interface (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 754381085149656b673543a0b5728e914427033cbf7ccd6f9b1fe0fd34b5a474 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in luna-cordelia-blackhole-lithosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f4671bed4986784ce341d0ba6709ba439dfb5c96942dd8001c1ab0c963fb1d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleomagnetism-levels-rocket-dependencies (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac6239ea4745b7e2cbf904de78f70e9f3f56989717525f63879e5b541bc276dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190012 Malicious code in try-signal-lambda-execute-kernel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff58345af7f94838fe702630b47bf18db37968f47a7626a391421cf46ad542f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189903 Malicious code in tethys-acamar-protractor-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8f234d34a0dea492db0b42ade03fb70e04249f9902f2e5f7a4ee7ef9225a278 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188151 Malicious code in mutation-cladistics-graviton-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48b72ad4908dcbef9674d785f529c71aa2981793455c795ac5532487e8fc7328 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sociobiology-radiometric-relay-geochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c45a0cb4544585045819b6d85c347bea35b81bd249d8c80c711911c1321c1ecd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mysql-spectron-webdriver-primatology-eslint-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9acd5009432500e94d681e420e8609ed75797139abe3257f3de9937f8018298 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-dotenv-whitedwarf-decoherence (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5aaa9a0b578f1e3065838d076e1317f2e55e73fa4a622e040910b8fa3e0bf73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in deimos-polaris-gridsome-magellan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2d7daf5a58341775641235bf8ae1045625d4dfe06b3b0772252ddf9a2d15bd0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187922 Malicious code in markdown-cors-janus-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ab8745a2c08a63be222f6fec9a081416e65831afc979c6869d1f90457518dff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189969 Malicious code in transform-semantic-ui-eleventy-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ffc4d6e7b72b0aaa2abde280bb586981de8ed65cc2174a163599fb04f6fa777 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in apollo-ceres-package-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 361a97cac0a8ce666550c7ace3fa953bb91e64481b6e65e216965363c50c3fb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cordelia-indus-cors-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b161dd83470ad8e5d5e7fae8eb08ea363c660e9e4d923d81d7c6716a5955553a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187371 Malicious code in hot-thread-cold-fast-epsilon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c05ed2faa72ffc66743755809b61ae158c8a76189298f711ee7005be644c7df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187142 Malicious code in gemini-postgres-rehype-sagitta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 835234f600dc962131b0c036e7163ad52a55b2eff7514f87441427dbc9a88dae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186971 Malicious code in filament-axios-node-config-jasmine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01b4ca708c825886f59edaa9b7603233077a52e4be38ca0410b533b306826913 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...