MAL-2025-189979 Malicious code in transpile-new-cache-iota-quick (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c5f768de28debbd6b75b7ca7af27a0d76a8d2e252a57dd227893aeb559ff981 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spinner-command-solis-taphonomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f267dbc36ff88fe19ca4064f576af5fcdb398942c5d4cfdc639f21a86ed1935 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in triton-subduction-darkenergy-boson (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ded23c9e0124c562aa6da9484bbf4806d7866cad1d4d49fc62d109bf56d9f83d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in venus-dactyl-publish-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00e0885c4752a431d7ef0c7c486161540c316f43b132e783036e81bac58c1dc9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sirius-yonder-algol-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 253c03584734dc9e8e93d7161dd055c0d90d428edf1d0c4c967746b29f5ba449 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189097 Malicious code in readable-karma-xml-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c0d2d3a27b749da169c991b93d852c67354e41e03611bad2d5b9db3647047e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190321 Malicious code in whitedwarf-tectonic-izar-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d7eeab34171c39b6e376b91496364ea321602b2a33fdd08204eb114c4d08573 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleontology-sublimation-europa-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 728852e6894f3773a238ae2b14622827618e7e93dec54e4f2b126446b439cd68 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mongoose-supernova-transhumanism-gulp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f080f91fc223896f4b99c2ef315f355058984fd6c7ad8f2a112c9c4f169b8e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in scorpius-cryptography-tethys-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52cf0ef766e6067222830282b78413be7eec3e4b4c626b0654c98e0a5334736f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in materialize-repository-dione-aquarius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b82c43f714b10f67dce4baed55a1a1ee8189351c594660d8c8ccd7e9f6990d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in apollo-eigenstate-redis-dendrochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 759e0217eb98b243fac66ee07044f52bb45dcef07812a002d4b008377c2750a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187090 Malicious code in gamma-char-visualize-moon-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91808148516e73f132daced2f432b7c2f829ad7821d229f086fa5904c51042c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186308 Malicious code in cordelia-solis-markdown-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a190c5cc853c9375209877f18132eca1a00d888440a8dfbc5980ec1c3e3bbc8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186565 Malicious code in deserialize-rain-stub-alpha-socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fe3e3ccc671a2079a03fbc27a83e769b85746d020ff909b6623c07efafa20d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in build-geoarchaeology-mutation-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15ee4d207302be939457bba8282eadfa6cedbbfd6ef02bc6f279847b956f4f04 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sanitize-hot-quick-log-byte (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21b181ef62ba0365ea1c72e8ce33e599496c5c070e8fd9690785ab4e1121f5c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in toml-airbnb-cosmicsilence-bionics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97d44c0c36406daa61d61175a2b7918aa25a02a62761baeac9896e031b80cf96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185737 Malicious code in bad-old-deserialize-bundle-boolean (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cdce2dcf4be67b168c96fb9a58af64b1b400ef7ee5345b993348f76fcefd3c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186927 Malicious code in express-cors-dysonswarm-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d813d65a50244ad3649baaef287695f9e5c9fcf145c42566664a40f4d368e4ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...