MAL-2025-186190 Malicious code in cluster-wavefunction-subduction-transhumanism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d0e6bd0652b5e4d018e928834eec7a01faca00e01d4f657865eee6364dbb3b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190284 Malicious code in webdriverio-umbriel-sequelize-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 367388f26f8901408f98dabc1ad28b7b62064486fc25c56a4c1d0405469cb2f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188399 Malicious code in odin-lepton-superagent-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9097df2563b7ace6111f9eb81ee7999917d9f30b57bc2a877dc879f5d0d1577 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188151 Malicious code in mutation-cladistics-graviton-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48b72ad4908dcbef9674d785f529c71aa2981793455c795ac5532487e8fc7328 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chalk-mui-neptune-cosmos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 136b3090f7d6b067b36297ef6ebb55a84557fb83a4e61d63cd6cefe4a117bd14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188872 Malicious code in prompts-meissa-lacerta-deneb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c10fd22419fb3d6e178c081f9d5255950af4238612ae142fa4a8d8b98ccd3ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189167 Malicious code in release-it-nova-orbit-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 860ab3495ac1d9fef2ffac460dccd2454e48b85c3df2a2fa18a230ee9b876907 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in darkenergy-style-loader-style-loader-node-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b63bf79b92c5f6a95a6dce7dc164aa540cba55e4dccae81f7f45965620fdf7ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in vuetify-xanadu-stratigraphy-sedimentology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e45d74c1ef8ffd448ec4e12050350dd998b0f5a6c4214ee0a6602dc038f1e42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in apex-fork-jupiter-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27abde9d095ffe2c468fec2bb75102133f4803428db20e669e77b0057e79fd5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in awk-minify-minify-proxy-omicron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1208fc2ae9856f039e6e138fcb07fbd979361c684b17686c6b35f22247a99bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in json-protractor-nestjs-auth0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e9e51fb2a7e3a96397a4f164c00e4a75d72efd329525fe13fc14a9c7ef50102 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in robotics-auriga-eclipse-parcel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c8603622ee8e5a543e52a8e1616d015299b855bbd4ffd91c72063efc39f558 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avior-quasar-comet-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f81365f9fc5c2f91505f735b8c2f870358d8ccb4640b6b9d0b2904e54506807e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zenith-cladistics-plutology-luna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05e4a78984349e9b233c2b9c6774a1bdaf97c0dab19c4ef6f0adec068f2c6150 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cross-env-atlas-thuban-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 123d82a3501a08158da19efd0782a7ccf3a05e357e6549c278b82303abf98bd5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in umbriel-zenobia-sedna-odin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68b10880c1028577aca2324bcb02cb17d6dcafcf9da7aade9173f0cd6991bed7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in regulus-eridanus-meissa-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe9ebcfb13b4dae50d2ace3ef1ea735b3f71d9f8e886e7583a36ccfdac361cab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187806 Malicious code in lint-janus-juno-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09c4d24d6c0937c0a916af5b388852eb2c5e7fb318480dba1e23ab03c3047296 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188374 Malicious code in nuxtjs-ionosphere-parsec-cosmology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fc3f9da4423ef958a565eaf87c9128d968bf1ebf01edc912b405a408b76df87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...