MAL-2025-189001 Malicious code in quantum-darkmatter-native-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df4b7d2e949c0c56d06fd440de24261c533ae34fa972d0a9fb8cd3cce716c207 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186877 Malicious code in event-miranda-rest-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acccf89c905da91626d03d95cb26599e6d673600757370009e4ae8d8b0962900 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in scale-deserialize-function-optimize-hot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc14d89c9ce2065dbff31482a95cff1fcbe19a77c703a1f8a4e9da899b874f14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in global-mesosphere-extremophile-ablation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 026bec84509e820a32ef1a7cf7eb8fa3d64b4a3ff41ce8a3e5a1e909f5e90560 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in miranda-koa-fetch-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0542faa9fd01fa72c958cf46a1d5a08f0ba4db727709a088052187230321c063 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleomagnetism-nightmare-radiant-hologram (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40ebc12787559b7d7eef63fc5cd7c191164484a02a9e5d88f09f05d350422018 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186940 Malicious code in farout-hydrogeology-juno-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c08452e7565cb4869c01bdc75de3e09a2f27a9b0d6a9ed83d2407febefd2542e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185537 Malicious code in archaeometry-impulse-galaxy-dysonswarm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95a771881cabddee40de70b816e41a9e98fab7a207bc97d1bf8ebfd9b215ea40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aquarius-relay-pulsar-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67d6ae11b1b219ec043fde6f59f5ffa676d68e76745da39cdef38ec9ec99813e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in integer-kappa-sigma-double-view (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf5566ba2f350927d21b27f4360f63f302e2bc7d0db732981ccd4b04a114ae2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in primatology-paleoecology-archaeoastronomy-chariklo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 160b83698081432c0fba5307de34e54743327d72800338eef264f6d008348853 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188067 Malicious code in miranda-despina-sqlite-ultra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 878e603c295849975d59f748701398821459653943002d7433907fc9b3f73aad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187526 Malicious code in io-radiant-kinetic-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c3062fe4212f195fbdb0430f3df687e288bc65fe6c974ea700963c2c381fdce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186829 Malicious code in error-simple-view-public-float (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e47bccb9c5e1c28d4bef78850255f9937e5e7874e0067f26188a121d249b24f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-182675 Malicious code in inda-fodj-go (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d7ca5488efb8fdfea31367f059a6a57f749a6ec24b04b28b5683d8d808ed19d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lomi-fus-ugaif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66a69a4bbffdd5887ba869d2740afeb9844515509a5bd4211ff2e84643332729 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sonic-os-afisigafoa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f9138d2047268c93caa4fa30b9c227bbd22a3c7553c9d524e5b20ae4d605d11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kisut-difg-diw (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aed4d481fffc80c188a418b5db1931db1f5b0fd447bd01c0fcc08389016cc1fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in modiov-kihan-afibad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bf4217dff2972b695ff85c1a93db4ab5fe81eedcba2d5c9515f4accf6dd91d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-184479 Malicious code in moki-luni-huojaim (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9824316a7d15211102f6327d6474e93f93860067ba369de72ec3dc1c8e9d08f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...