MAL-2025-187368 Malicious code in holography-hercules-janus-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc0747bbcd6e1cb7fbbcd0dc7b214cd578ce9437437d5ff92c3122cd217d7f36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185782 Malicious code in beta-key-promise-socket-file (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebad79cce7e400d887bd619f66393a1012518f16bdabeeded43fbc8577048891 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in procyon-yaml-figures-toml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f7740a3ced9536b2d669360d3d0007870b01aeebbcd11690bd66779cdad44da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190007 Malicious code in try-alert-hash-catch-index (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e85fc5860c00474af9c73797df5baec4c6920cae1896fe84f084c86f57a23547 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in astrometry-request-semantic-ui-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4012fb9f1f3a7b3429a717f037da51aa7222de55abc415ee48f54c5141ea59d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in awk-node-abstract-interpret-alert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e57b94267f695268b2205969adaa9a5ec8130180999c45d34e32b1a23caa7f70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185548 Malicious code in arcturus-phenomic-glaciology-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5041aedc9f556fa5042866507cc67da08df40c63bc2232ad8c83e43644f6f999 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187264 Malicious code in halley-bioinformatics-mui-venus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 662312aa6ad2beee5a2348e5ded7008cd22d42f7258a0e9670509dd2889d5910 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-182899 Malicious code in itale-adci-gnuygurygjbkomtollujlnrti (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7351f26975a5eea940be1584ec5bca09f79bd72b7af21a8aeaa834e05858c553 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in modiov-kin-afbaufcaducxacs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50ff912c0087efe4e11ff6a12bc496608a99126131250e1a19b34525b360b519 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in imugiay-ajvog-dnieamfnaiyugpa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e1a57540a38496f5ba46d1d6f50c6550ae2b4754370076944880ff003559f6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183337 Malicious code in libc-ug-atafuifiaafaig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2754226febfbe72f3b3f8d03a73ce426b070c7a4035ee8ba8d1b7aaaf7028202 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-184650 Malicious code in odasv-kuu-bofauffsi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dade55c9b4f7e5f28c43b2bb1af19f56fe5e43138cd65b13097b6fcb67f438b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-184644 Malicious code in odasv-knu-boniju (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3eaa86eba0741be553b57b39aaf4d3ed186abb4275b4aa8fb8c29f06bf4216f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in inda-foji-gisagabugailan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40dd6467190d9b84426e6eac078e1bacde79fba2d13822367dca501960e8e764 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-181660 Malicious code in astam-ift-dabtauzabidami (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff1faa7eae8a80f53e67224f65aa28387fc2befa0526bc732713153f6794c6b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-184309 Malicious code in modiov-kifni-ufavcseqinsdxaoycuruban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b05e8e6de9f9f146b9aa93408a90a1c8d44e748d7b82561d911d75fd99c71589 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185133 Malicious code in sonic-kulig-tgacov (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4a94bf9d334e9b17385a5adade4794b16b1e455749ee9c25bc0cdbd6e206dfd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-181518 Malicious code in roti12 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eac7a71310e665ef029bfd84a557b19d22dd2a05ffc4f9b0c55add351ed33988 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kisut-faig-ikani (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0738916f920c43a81697a488dfdd3355b284bd052946310308ec0640c5b7a81f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...