MAL-2025-185867 Malicious code in blueshift-standard-altair-higgs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2495eefe689d12164788cd5f8932194479b7babae1155e232d3b3ff8d369fa2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in commitizen-antares-magellan-saturnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b1c1df5aa59f1547dc7c7f609cbd53203e8a2d44e63c739099244c9ac7aa5e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supervisor-cosmicsilence-kardashevscale-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9573fa09b793a27dc60d132b1c9ae19d3c0b44531783b2302554c24bfa8ed91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185393 Malicious code in aether-procyon-charon-spectron-webdriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0043c2d601e5e737e24d450f0337f2b0fd8171c546edc58da69d61cc5eac5df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187787 Malicious code in link-astrometry-gulp-transhumanism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4329a95dcfa0e1622818152248a41d94a3ba730de57357e0fa2c4f82e5e2950 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190409 Malicious code in xo-morgan-css-loader-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df18935c38976d8952bf589369f1a0e87fbdb16e09e484594e5e302fd8d55ee6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188951 Malicious code in publish-magellan-magnetosphere-paleomagnetism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fee2dc3ceeab278bb8c4c5fa3312ad51340599245bcdf8b5de8eeb28e8d9bce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188391 Malicious code in octans-parallax-webdriverio-innercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 496d68bf6fa75d4bf755d7036f37d3f9dad648ed79afb38a982a3114a2ebd9c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187351 Malicious code in hexo-commitlint-config-angular-nuxtjs-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa04a244c2369734edc8b55f4a7af30007d71d3275a23f60c9548644507fb197 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190395 Malicious code in xml-ganymede-blackhole-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88f9155b2d8ce820717206738c409a6b5bd08e2b6d23bf512466d5e1be776f14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188359 Malicious code in nova-singularitarianism-warp-redshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c0803ecf0fa0167d661a7e276211b0421fb37f0f5a88da29890880d932bd520 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189991 Malicious code in tree-awk-notify-beta-cloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c40a4475634ccb865c954dd93557022a7dd70e0549691c1cc71b59d788988cb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189437 Malicious code in selenology-zenobia-loglevel-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d2c2038273686ad4e4c976e60b166c18b1148952183ab5873e7216c6dc12c25 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190307 Malicious code in weywot-webdriver-mocha-loglevel-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d10d243add4dcc6bc246152c76b5cf2eab5692efb2dce0904e83bf7400760b1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188014 Malicious code in meteor-bulma-augmentedreality-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69a98a414d2ee0424f8b9bf8fc79623e0b8b7fa9ff1c5249382548f140103353 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190382 Malicious code in xenos-xanthus-celeste-react-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e905ee031b2c4ef7912618f1d64a99f35e6da479055f1504c5b29a0adaac500 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190472 Malicious code in zephyr-yakutsk-update-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4056139ea2e6931e54f1dbb6be8565d9c94ad19a8e4cc44520c8df7a00ac25f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187566 Malicious code in janus-avior-superagent-ichnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76d7e0f0d70899116b4fc6cea226c83b8d9abec5c181fad0840d0e4d2aad1cf2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188714 Malicious code in pipe-auth0-barnard-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93b3b68d9a0c694ca31182e0583f4bf4ee987574a2c4a765974633b4f89dc72c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187203 Malicious code in got-paleoclimatology-nebula-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c594bf125d3e98c114785d243fe86ffa7d25834160d19bd9debc56f1fabc9f4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...