MAL-2025-187203 Malicious code in got-paleoclimatology-nebula-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c594bf125d3e98c114785d243fe86ffa7d25834160d19bd9debc56f1fabc9f4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185553 Malicious code in areology-darkmatter-ablation-thermochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ccfc4db01117ee624ad9404c0333c608488382abb48fbb690352e94c3f4e111 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185735 Malicious code in bad-kappa-spy-fire-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fd357cac25b9b3eb95f0ee24e2f44d4765d6fcd28cc491590ab1b7e043b31da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185659 Malicious code in australis-prosthetics-cygnus-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2c7f44f8a1fc4bee8f9c950dc48f3fe4c5d0ada66b921fdecb7432b24e85745 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189803 Malicious code in tailwindcss-bunyan-spica-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ef7ca0b166720ff7a48b675cb46297e227e219b0c43a8ef775f03020ecc2363 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188863 Malicious code in promise-selenium-bellatrix-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 192014beffa1439654661cdd153d050d1b59764db49ed8256a5b6630ebbe3556 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189195 Malicious code in resolvers-chakra-ui-bootstrap-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d79ea6a0ddcc32a8eefe901fe9fac78119e8f7ef1b653b5f8b55b441099df42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189065 Malicious code in radioastronomy-mongoose-inquirer-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98b90a3ad43fd3d17f857f0d6f4fe80c069a4b11b70c9356b9193d840d067320 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188442 Malicious code in ophiuchus-polaris-mineralogy-proteomics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6990907cf478a6777456e1509b1e4616038bb303ecad91eb09e0643fa34aef14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188675 Malicious code in phoebe-react-bootstrap-heliophysics-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68274b408b6fb2382a5f5a2aa275eed20c2fe6bf4f3a8f6a33645d810c97545f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189253 Malicious code in robotics-cosmiconfig-repository-metabolomics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0266b476269ab6fd31c48f2494f05ec86eb1f1c760f1a50609d36e29474bc75a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185844 Malicious code in blackhole-prettier-plugin-markdown-achernar-redis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bb53a6893f547e5d2b550067d21c5dd4f44f24103e7ccc2d9d6da09bbda4292 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187943 Malicious code in materialize-framework-electron-builder-enceladus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2a40e282cec551d107ae4fd4f279bb9af587898b119a66cfbc3a478e8c8172b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186949 Malicious code in fermion-geochronology-quito-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7a2f7cc81ec51b781fdd5edf0b82a3ff487dfdb67166aaac920eefd31e6d59e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186628 Malicious code in dotenv-sedna-inflation-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a63ee5fbe8c7a17380d2b2176b6e0387bba7788e959c4eb1e36dfa779195d74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190057 Malicious code in unix-execute-file-route-reject (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d68b960e530b4d83fb85ec9128c0b09c044d524863710059518465a2c086801c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in modiov-kiufni-ufavcseqinsdxaodaycurptvmaduuban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20d816e64eed85902589c89071c41366e391fe017673fd55c6fc312c29de60bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in modaiv-kvu-ibaibuacamuvaavua (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1107467b2e93ba697edd8739c6c16bac6f43e97d0c7827dc254b6229f46064fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mlokok-lfki-afhbi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53dac29e60f3feff5b441d4c7205f30e1259bf589dfe2a46e9407a77653317a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lobac-ubb-aa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14ce6fd1c582a2dc4c18581b402f29347c8029e0b1c5981f1870b3c75aa6879c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...