845 matches found
MAL-2025-185477 Malicious code in antares-thermochronology-parallax-blackhole (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1edfdd0642d9a4048a8b1734c5efe86d4bab6e2ec788036da89cafd83cb23f0c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186404 Malicious code in cryptography-epimetheus-prettier-plugin-markdown-run-script (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e74f3563293b19e2d0093030d411190de1d0d6a99c8d37a5480f44a9cffb1b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189931 Malicious code in thuban-areology-event-quasar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55ec620b28e4ddf5c67a236718d01388f9e7c1c6a69ac3547201d98f5651b95b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190404 Malicious code in xo-halley-less-loader-cache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96b37dc1940687ac22f89462e574c1e94a104bb168b0c8d2da912aebf30896e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185835 Malicious code in biosignature-winston-xanthus-octans (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e90dcc2ecea82bf4db69b8db7b01c821564ccc7f9fabba05f79f2c63202efbb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in run-script-sagitta-pulsar-alphard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 301093ba1f19945b67f4a51c33b12c18edddc6ceb26f3c8bcb80daa80505b50e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hexo-interstellarmedium-spinner-less (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2d056a5ff5a98aa34e68337b4e80e0fe26986ecc5cc6a0b376e60bbb1dac07d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in gridsome-planckscale-primatology-speleology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7518cedd7951dca7e3b0b962acac9863b47e470220a639cb5aeef37ddee442fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in umbriel-paleoanthropology-aldebaran-areology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1e427da85bb0ae94d10d4ccfc297f458f821c17324d49a62fba408aa7756571 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rollup-plugin-chai-soap-terser-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 961e8a7cfffd287292e217d76e3379b062907280f409cf0ea9836155a60343e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rate-limiter-hyperion-pavo-protractor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0e5bad268f6fe6033218f2c4a2400977013b473187c738072f81c51a8f61998 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in celeste-baryon-stop-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 846401c80326a995821fe08966683abd9e419a6930435b3f12e358b285781155 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in quasar-backend-altair-callback (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35756d40a25a4bdb4052a566e3b66b63592849244ddafa63fe0a0df31a150e39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187753 Malicious code in less-less-phenomic-paleoclimatology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a7ce82d0de177a86da9faff7ef6e6acca5663e15b9edd4f70881eea4adcd72e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in scripts-shelljs-quark-gridsome (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c62f3ca6bb9a8405ca6865e83fdd43928f000b1e887a138caaaf6a211618764 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in graphql-nightmare-css-loader-abiogenesis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 827a1eab8ee4f7a8518854247fd592f6a76ba721ba6900d144ce9f687b27a255 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in thermochronology-paleoclimatology-redgiant-celeste (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 979cd12d958283fd1c23bf6a1078f71dca9dda1c7468c9b295f649ed3ddb719f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bad-transpile-xml-signal-cache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98b31e71ed2a6d4bf88c6076c957111d72558e44d36bf8a63e906f6074f9624f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in signal-star-benchmark-report-small (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0673039fa65b37bfe01eddec1af15894215ced0879b993d1568ac9ea76e07d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in react-bootstrap-phoenix-janus-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bfaac5b13ee3615038f009dd8cc5708e1733b833f6322bcab514c56246a82d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...