MAL-2025-190314 Malicious code in wezen-mutation-ora-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 785a2cd14109740cafff9a8e5b31c61ce4568134f9abfba94196cfe4cfa0d4d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in subduction-middleware-javascript-supernova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7115b54f7e57043e98fb77619781e6bf25031e1d32deee60dd41e1798635fdb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in vuepress-centauri-transhumanism-astrobiology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bdb05993db85d17c64f179ee15f5d3d4425016c0f6dd71699c1b011dd854db6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mocha-solis-zenobia-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 791a6cec3f182c161aa66f92139996d04af8b3bb22be7b7996080517a5e39e5d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187538 Malicious code in iota-hugo-mongoose-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a38d5dd37b1d3a02248bee4b3d4f536393bee7b92c3c8e07a12e1e35b6cfdb14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188756 Malicious code in pm2-development-postcss-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d8abe1ab361bfdc7c9bcd7a0b5a189b4e741150d6a0e1f27487db31c5615e1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cat-air-xi-slow-visualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fefed3200aae9b03b2b7c8bfb5a00098ddc2ba15609c9a4286de08a7b8603e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186280 Malicious code in config-regulus-auth-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602504708c1fa23065534bfce58fb93eb8c0713426b28a6b5331ac55f1425922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189395 Malicious code in secure-compress-phi-bash-orchestrate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4452d7b0255f5bfde9306684c29b815108b9f682b2d753820f2f60cabf2806da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in subduction-exec-redis-gatsby (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50aee37e6d03929cdab61b680843806f2fe81f55e49f41e75b37f927111ca3b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in grus-eslint-enif-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2665229504a76f62aadc3c746199bcddc2405c318e6b179d3c086fb8aa5b480d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186799 Malicious code in equinox-passport-janus-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3f11b68e3638d03fabface74d4eade1bc5f8df93eab7c0a224d47b29af1d9d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in callback-typeorm-venus-umbriel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aec581ec2aaeb93e6d9e2f1e491d10bdd4f46293f433cc524700fd81c2395f56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chakra-ui-levels-mdx-mongoose (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 442adf60ce8acbdcd15a70104aa1c2f5e2133c7fc2475f6427313c300e424095 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in procyon-procyon-xml-planetology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98f22cb07a609a28b005e4e95f1395efe6c1caa1b328526d3412489ff07456b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in commitizen-markdown-luminescence-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6e29190f0991b5c48b8aa19bbf70fe09d82cb90699736789a0239e3a6035555 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185926 Malicious code in build-enceladus-supernova-joviology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2af451850fab8801d34120d211470e5a231805d70b0ce5794c0fb4df3c2cc966 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in entanglement-xanthus-lithosphere-lightyear (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 333e97682c5bc7ce007d488d37639394bcb23ae78a35b89704857c32428730dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188417 Malicious code in omicron-enum-link-permission-double (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9804048589d4df4d871f01e83fb61ba2d7b918abd2ebe1ed69a6e045eedce720 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in astam-if-dalimk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 962ec2cb48f655922f880ae36e43ddb4b72465a5bd7dd17e59157123faf6f195 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...