MAL-2025-187863 Malicious code in loop-cosmicray-repository-entanglement (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f610163d80c4d4634df39dc9eb5e1f94442dcd4e7b119bbb4aa148cef9ee272 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190273 Malicious code in webdriver-mocha-isostasy-arcturus-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d2f393ecb95e8e9f5f3425763254c5601275e09c6da401d019ce63fa0756169 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187424 Malicious code in ignite-chai-mira-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ce891d93375fc44ef940ba2e552f0edb96f80dd9d0738d90e22a7a411c2fb82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186161 Malicious code in class-secure-function-transpile-authorize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e28b11cbe99b65195c5c3d27c542888f775612a52a9dec629226c3caaf70c27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185951 Malicious code in bunyan-resonance-mensa-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a65863ee55838a0a6002f037f8899a14e638e0c1328dce784f74dfa7763be464 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in resolvers-forever-mongoose-multiverse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb698e9521d3e4b25725566a6542fa166e4dbf4f9e61de34e643fbe4eb435770 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eventhoriz-event-planckscale-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a969531dc342a3106319fd93ac645317db9acde1778df1db5647cfd186fda89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in taphonomy-quantum-juno-eridanus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af1c55fcf778bc9a94c197a9e35bd380a006dccfdef8a994237a6c866a0b39a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in throw-omega-catch-hot-sanitize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5660c7de16bc52821723bdfd1087c32d214e18bd66d23f006a40f55180fedacd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in taurus-winston-panspermia-neuromorphic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e83d2cd6b9bc072d292c08b72596bfeb053e4d083b485191205648263cf806a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in style-loader-lint-commitlint-config-angular-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8cc7034db2bf2b29cbef30f37f676c749b2e7344c4c083c202ca781b42d37c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tau-mu-good-beta-kappa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ffc911728d84781a700b5b9e706f5e42e1d50b3a29e8c8141b254da2aa124f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in radiant-relay-castor-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59b307eb0d461a57aa2403eb54560b300c798532f796f705a3d5c5d94c8f7322 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in neptune-ganymede-thermochronology-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed4e9551588f4666d68b5184e2a3093928f49745bb6e66a6690de97e4ac938ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jovian-asteroid-tectonophysics-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb9ecc1569f3eb6c25f454d0d132e550cf8451e776e85bf56a54a04955aaab97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in neptune-europa-version-thermochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8bda02da4b17be35dae8af31f33e45190975dc5b800247dd179363537abfee5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helios-cressida-biogeochemistry-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0768619dd13d60c867707b16965714e491fc15a027c1e3dec26fee22674eabd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmogenic-astroinformatics-mesosphere-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f5567535a8c7e5a16a20da17662eb0990505e3a08147a910886879f3674c79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dagda-pulsar-redshift-remark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01eb7e5dee33aa92aeb7c166125c8a2a537b2b75814637049b7ce936ca515d24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in callisto-enif-cryonics-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f1cb08800e2395ac2ce2014130ec27002e68fd1d04853aac2157234a70f9542 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...