MAL-2025-185907 Malicious code in brane-kardashevscale-coronalmassejection-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d78059d5443582ab6158f56cc1d43c50c6eedf26fad4a962657ce841e070eee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189165 Malicious code in release-it-library-start-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 348aaa3d96cbbca9efb6a3b8e5c7e01f9bfc1413dce9e60070864b028329ab09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189391 Malicious code in scripts-shelljs-quark-gridsome (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c62f3ca6bb9a8405ca6865e83fdd43928f000b1e887a138caaaf6a211618764 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189018 Malicious code in quark-dotenv-safe-run-script-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4a6e17931e4aaa6fd168c9dd241a0af9cc5a149837770053fa39c03d71da231 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187774 Malicious code in library-bellatrix-cli-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc1df04aae6a025d35e24d1c99352e79b2f30d9b4b6ff361adaaeeaa36618854 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187777 Malicious code in library-dotenv-safe-gridsome-singularity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 015ef35070afb3d62e79edffcfc89b48d4d0856e6ce0ffcb8848971476865a32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186830 Malicious code in error-validate-refactor-byte-lambda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e7990422b33800950f82b858c49bc8d9140dbd49c020770a8373607ea132679 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186151 Malicious code in chromedriver-non-blocking-chariklo-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69e3235429342473e1c54ce4bcd3e40bad9b9b47232d9bf913d071fe49eddd8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186997 Malicious code in flare-polaris-sadr-alphard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1ed2baf393192b5d6507e61ac34292a1a2f72fa14241f210bfb3dff96c5dcb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189044 Malicious code in quick-info-star-new-import (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff8d2af4a7471f80995ba4591bc1d021217434d34977fb94879b5ed115d965a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmicray-foundation-nconf-plutology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0dbf7483a11bffe55186498bb83116d92b8305d73d895046151e98bcb9b1025 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186643 Malicious code in draco-terser-webpack-plugin-hermes-corvus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cfc47154389db6b336180cea32210fc4d2ad1ab645c023aa1af51c7d31900f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189630 Malicious code in spinner-uranology-terser-astrophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da7f5234df5681f13b658fb2fabff25e4b06dd41215f41a2a1bdc11964a46de9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189129 Malicious code in registry-quark-barnard-cross-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8be35985da5091690aa56f84416af345aa641a6b98c78446a0a03f371a4176d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186771 Malicious code in envconfig-apollo-dependencies-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc6efee11ebc8382fbece0fc1803392ff0837ae4af2341841d4b417793e252fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186572 Malicious code in development-antares-xerxes-membrane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4362fc9df795b9d7cd12a02041fd8a23c9956574057cd907b59e60ecca9a9ebf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186235 Malicious code in command-pulsar-atlas-on (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72b38ad021b2edab7a1022fa57221eefd500f88a7e7cf7d45dffc7b50ed47d2e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188674 Malicious code in phoebe-petrology-sirius-fermiparadox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f897ff38dbb81fa575193bde8868cfa42159ce1bb70838cfe850d7c349b77de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189641 Malicious code in stack-theta-meta-index-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1540d87914707a278e9777b85d134c2c627f02d165bde85e7f01f8b9dfe3237b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189881 Malicious code in test-cache-rehype-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c6d134b4980b93d8c9ca0986a32a823ed1185745ec35ae4127978f61c7e7324 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...