MAL-2025-186177 Malicious code in cluster-child-process-remark-hadron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0174842527c29694de08b676a8177ac52e03dab4a1db27c0edc59945ebbb6a8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186332 Malicious code in cosmiconfig-xml-rehype-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c337d51a5afe782ff83bde8f55685686a71e8d4b23d52af00c64f247b76db8e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186702 Malicious code in electron-nconf-callisto-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc90748ea64a281a778df79da5f5d78d8439ba2ac5dd54761b15734e56d7aac7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185627 Malicious code in async-psi-alpha-query-theta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7530cf46aad481c6839f10e0bee406d9caae82ffc06acdedcc54ce75442b73cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189182 Malicious code in report-new-runtime-sun-user (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f170b68394d1a1d0fbcaf0ab60fa7ed7b0e077c63d9823cf2922b7bca42d9aa3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189189 Malicious code in request-gemini-prettier-plugin-markdown-hercules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41aba293435e865cd16c68eb54bf9bd32c3825988f2434b623b6794b0e0ff74a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186161 Malicious code in class-secure-function-transpile-authorize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e28b11cbe99b65195c5c3d27c542888f775612a52a9dec629226c3caaf70c27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187785 Malicious code in lightyear-cors-quasar-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 429afdc097b789886b2f73a40a1eb7753fceba27a84af51e06977ae222b5f0a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187001 Malicious code in float-new-route-benchmark-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9665f090704f17656723a9e6b1d4effa056e5de0f4bdede25a8bf2cccf60faa1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187568 Malicious code in janus-chai-umbriel-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eae71d4b4bac5709c08900c6dbd46fad9585278dc80a7127a29f8304f29d18d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186826 Malicious code in error-fast-class-visualize-new (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29ab6287114c993123a1c774b449f01bfe2dc45a5f5b310517d84dc224ebd170 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186646 Malicious code in duplex-init-parcel-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac497f57073665d298fcc5fecb6ca9e77e45df4bf3dd82e143a292881ec22153 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187319 Malicious code in helios-nightwatch-tethys-eridanus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89ab19a67d9571b4928642ad52ea4d92a1394cb76bd2b6e7484639bb37cf0aad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187020 Malicious code in fork-object-protected-data-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d731ebcdace439a4ad52b59008be2f09ab2a515b808c75fbd971d22501b85805 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188002 Malicious code in metabolomics-cross-env-antares-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 416c9d07d4bfcbc0f380096b82f6ae758880a86c41a1d9264e1b732e0772a9d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187047 Malicious code in framework-rimraf-buffer-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fd7bd0d93981950b7dfc97b285205d98122fbf996356148515702794779a01a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188815 Malicious code in primatology-callback-dactyl-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90f7d4a05dd49dfca9278f8e504ce9be45319027a94f09b75557948e02d016b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188676 Malicious code in phoebe-sagitta-cosmiconfig-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef0e13ea76237699131190626c9abb30663026fbd8636c42b98e42d5707324a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in old-string-protected-omega-decode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94b4c6b9e02ae8116c384e78de29b120b55757d7fc40c59281afe45f6917f764 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in olobc-uyg-ughi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b3016f938426d39f973185c470108bb850a3e816a7b67dde3fb905ce1158107 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...