MAL-2025-187372 Malicious code in html-webpack-plugin-atlas-global-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d76c400c13c978ef6cec8cf7e638527ede28cbd33c8bdda65e4c91e8e97c489e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187263 Malicious code in halley-antares-lint-staged-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08f510611717755cfc51a3e5909c156ddd315996f9da4c82cf4c9eb2a674cc57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189620 Malicious code in speleology-phenomic-nova-resonance (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0964688b47d97de3d008dd858b6c40cbbefa462b69aed624467438e4722a340c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186132 Malicious code in charon-transhumanism-zephyr-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e9cc4151f57f8ba05200f8b1ba05028c6a90c94b8c52f8a531176c4da4af830 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186161 Malicious code in class-secure-function-transpile-authorize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e28b11cbe99b65195c5c3d27c542888f775612a52a9dec629226c3caaf70c27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185836 Malicious code in biotechnology-apollo-rollup-plugin-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0830b98c58ab354f9147b7c6003d2a35dd551ebee55353545da36da720098ba1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187863 Malicious code in loop-cosmicray-repository-entanglement (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f610163d80c4d4634df39dc9eb5e1f94442dcd4e7b119bbb4aa148cef9ee272 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188785 Malicious code in postcss-mongodb-astrometry-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60d91bb98b69696c0d64838fcc70a1807cd0481ffb5d3b10c23c6c4e4737ae29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187438 Malicious code in import-proxy-cron-balance-abstract (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fc1ec58f88db65ef37f453763c2850aa34c61344a704725c6db3c7fc21bea4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186191 Malicious code in cluster-wind-decode-sigma-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd89e6d425ea10a6bbc7c23e11410d5d33053239f7ec72033f36de7f54628073 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190467 Malicious code in zephyr-mongodb-wavefunction-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb6455e842bfed2e45795b6fa4955bfa999151b2b9d2cf8678f31179f7a042f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188835 Malicious code in process-loopback-cosmos-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da04f28b11aeb888365841b60d588c34ef88e6c040b684fd9971c7131569f620 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190477 Malicious code in zeta-beta-secure-secure-load (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d93a5c435de2671bef333672da04229cac813381b0a6af0485bceb971f387c84 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186826 Malicious code in error-fast-class-visualize-new (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29ab6287114c993123a1c774b449f01bfe2dc45a5f5b310517d84dc224ebd170 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187252 Malicious code in gulp-kinetic-mongodb-astrometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7878006d6f8f7caa40ce0daf78b2c246cba2cc4a065213449dfa1b7d77e316f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187737 Malicious code in leda-morgan-xanthus-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0d4d499bb8d7e5664a8ab87aeb749fa0cf175f430a694968d93583fb239b394 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186910 Malicious code in exoplanetology-command-heka-mensa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c20460cd88ac33a5b0699bef0fdd2e695b306f22592c147b6451eb2336f28ada This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187424 Malicious code in ignite-chai-mira-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ce891d93375fc44ef940ba2e552f0edb96f80dd9d0738d90e22a7a411c2fb82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sedna-telesto-webpack-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dc3a8b377d064eec4fc94c2c9bb78ddb6977bd0cce2e213300540e3d06c6e32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gatsby-tardigrade-hyperion-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 045b9fbb41e669808e8b242f695e928285d9a881632315fefcd95b7b3149f24b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...