MAL-2025-189694 Malicious code in string-crust-exoplanet-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607e2f5aeee990d1d2e3b76b3468cde2ee84ab17224b598c35f9804f65bcc526 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189850 Malicious code in tectonophysics-sequelize-whitedwarf-ultra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6a418c5c79fe80c62d72488d51e495118660bbfd475cdb942da5cab826ad3c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185709 Malicious code in awk-sun-deploy-key-omega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 269eb7a813c15992670144ef18f9ce3cea7e0df757009a82a2b25dff93f3dd4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186487 Malicious code in darkmatter-gravitationalwave-less-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60169f4539ca2dfd27fe10bf32020236f1d4b0106bec0644fa577812e0362eca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188133 Malicious code in mu-mu-psi-zero-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86e30de6ba5cb67955c7eb4e9c932eb4fdf8670ae52f71ab87c5f98463386b4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185977 Malicious code in callback-kastra-wolf-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb66d5a617c669b770ffbb95615634599f72d7c637d3c6e848b38743c7a75bc8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185727 Malicious code in backend-exec-husky-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 776fbd4098371f588d6cdfc712e363d560bdca553c92067e6828598d2381a7ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190024 Malicious code in uglify-js-gatsby-mocha-titan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35678a78049826e95243c5ef05b567ec7a727ae22384d50851840ccd22a90cf5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188879 Malicious code in prosthetics-leda-mantle-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b02ccf110939f33fbfa2672f6cba59b7579228e554de159d0d913b20d0526171 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189165 Malicious code in release-it-library-start-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 348aaa3d96cbbca9efb6a3b8e5c7e01f9bfc1413dce9e60070864b028329ab09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189391 Malicious code in scripts-shelljs-quark-gridsome (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c62f3ca6bb9a8405ca6865e83fdd43928f000b1e887a138caaaf6a211618764 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189018 Malicious code in quark-dotenv-safe-run-script-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4a6e17931e4aaa6fd168c9dd241a0af9cc5a149837770053fa39c03d71da231 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187774 Malicious code in library-bellatrix-cli-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc1df04aae6a025d35e24d1c99352e79b2f30d9b4b6ff361adaaeeaa36618854 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187777 Malicious code in library-dotenv-safe-gridsome-singularity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 015ef35070afb3d62e79edffcfc89b48d4d0856e6ce0ffcb8848971476865a32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186830 Malicious code in error-validate-refactor-byte-lambda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e7990422b33800950f82b858c49bc8d9140dbd49c020770a8373607ea132679 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186151 Malicious code in chromedriver-non-blocking-chariklo-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69e3235429342473e1c54ce4bcd3e40bad9b9b47232d9bf913d071fe49eddd8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186997 Malicious code in flare-polaris-sadr-alphard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1ed2baf393192b5d6507e61ac34292a1a2f72fa14241f210bfb3dff96c5dcb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189044 Malicious code in quick-info-star-new-import (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff8d2af4a7471f80995ba4591bc1d021217434d34977fb94879b5ed115d965a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmicray-foundation-nconf-plutology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0dbf7483a11bffe55186498bb83116d92b8305d73d895046151e98bcb9b1025 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189630 Malicious code in spinner-uranology-terser-astrophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da7f5234df5681f13b658fb2fabff25e4b06dd41215f41a2a1bdc11964a46de9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...