MAL-2025-188757 Malicious code in pm2-dorado-lithosphere-gravitationalwave (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd0bf0122bf53ffd695ca74ef50913f10924601962d70f7e2efee47d07ce23d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188229 Malicious code in neptune-sync-holography-xenobiology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d57b68e79022a7960c4c1549b9687a8d747ccc77b49e84f234d1288166c8ca72 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lepton-async-archaeogenetics-exoplanet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f676584cd19d58d3daad93d526fe717b85cbea7fc7cfdbdf085a8c6a7d81fef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186841 Malicious code in eslint-plugin-commitlint-config-angular-terser-commitlint-config-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 844532ffb61dedf116bb671dd0cb7a8e6ee68b4d6e7b7a3137265a273e7fca38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186722 Malicious code in emulate-link-shell-async-double (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf2c1b630e620fe1fa496bedbb43c8e83b304ef52edb5caa9ecd63d1dfbb13b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186742 Malicious code in encrypt-bundle-test-deploy-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcaefcbdd1ffb8c51e8f0e7b02fe563dd40e979c5d81f3dc6babebe9775f54bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187140 Malicious code in gemini-ionosphere-superposition-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d9915da48474b9a7fc365caff832585a7c79e69a676a479e6add1449dbf3314 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188676 Malicious code in phoebe-sagitta-cosmiconfig-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef0e13ea76237699131190626c9abb30663026fbd8636c42b98e42d5707324a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ionosphere-triton-selenium-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d954d776ae4202f524932128d3db461e6808e8922852e0d2ae522b55c38c3597 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supervisor-helios-stream-rate-limiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a44cac380e2a9e5d329604fac7b6379508564a6b89d5771cd9cadb663d17c205 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188444 Malicious code in ophiuchus-spectron-webdriver-sedna-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71fa83ca1c2d7a7aaa4d2de8c7a3e5b67b553a789c8feb8c2b2f77e620a77f73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187381 Malicious code in html-webpack-plugin-zenobia-nebula-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bda7c207337434698205e1a554e373872174bfe0253efa98b12e47eb140c345e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187057 Malicious code in function-finally-beta-fast-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 277c2567a05d73248efd5212ab88022580b3ef9176c3513534c105c50a8feb43 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186275 Malicious code in config-darkenergy-heliophysics-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b3f2a08be0835c663a99803c2a7fa6298b462438acf40f200e42fac09cc218c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189733 Malicious code in sun-good-optimize-big-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 404e006eb03ec8cfaca6aa369af6610f8b08252f71d38cab7166cae41a91fad2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188216 Malicious code in neptune-europa-version-thermochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8bda02da4b17be35dae8af31f33e45190975dc5b800247dd179363537abfee5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187800 Malicious code in link-upsilon-link-kappa-compress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3067d1508451f6789510b62511e905e3046d9763f2244761c52bc46576b6b073 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185365 Malicious code in abstract-decrypt-async-public-phi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51b85be1c1821e69911d086ceb1086440095d3c75414a4be0d017c6474f0df12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186538 Malicious code in dendrochronology-eslint-plugin-andromeda-helios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c24345b9ae34655a19ecf0ebf2bd34e7ba0977ddeb6130cb2b356585ae554d64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189255 Malicious code in robotics-proxima-thuban-comet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c49c583566ab4a988020e91856a8424efde07c79821afab4121ca10ecb8ed77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...