MAL-2025-188145 Malicious code in multiverse-carina-boson-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76a771cf283fb9950e43b2ea7694717add47719ecac98d5e7cee380843483edf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in superflare-aldebaran-phenomic-quantumfoam (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae2b5af9498814bac838f7d9c918f17bf3fd4ca2ae844e1bc829bb27715e6d32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in venus-phoebe-heliophysics-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c557360705a7b782a60c0b57663064bd571c2258f3504b22e00fdd91e865c3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quark-iota-paleoclimatology-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9422f0c6552ae0207d6ba6344207d2fc27ffec34d9f8279ac7fb1407f5431839 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188225 Malicious code in neptune-node-sass-altair-membrane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad682c7ef1b00daaed7b6861c4172801654dbd52ae27354ba342091db9601ad2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186549 Malicious code in deneb-multiverse-augmentedreality-phoenix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c3bb282553929ded53f031976182f596ae80de4f0259afe9086d8c43ffaa49e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185499 Malicious code in apollo-development-cressida-umbriel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c296836ef6103cc0343dcaf31d3800f97ced245deffdcac4a8d01c097a4926d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186507 Malicious code in decompress-tree-protected-upsilon-mu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f54cb13086872fcb5c3e171f126f96d2723cd7ed4cb0febfae9e2db744d4d97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189307 Malicious code in sadr-passport-mantle-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfbf90790b787c745d7ecc3df9a5bb266126009d229135095e2d81322087b872 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189070 Malicious code in radiometric-native-adonis-cygnus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7a905c6fbd44ffe868d328f759bc5e0ebe4637155e3c9cfa9f4b6ec27256292 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189751 Malicious code in supercluster-vega-ceres-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60cb3d1a52c671cd3eef17746e2ab0fefaecdac1fae0661779f46f570219be67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sedna-request-dysonswarm-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe1b03cec1c5daf993196232116f24865c643b035dc6a9255cf8d2656074c012 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186153 Malicious code in cladistics-charon-sagitta-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b290803267a794b52c10bf128a22515a1e42d7fd608db0434de366816debf0aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186546 Malicious code in deneb-iota-xenos-celeste (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5941dde5e83d9b49e44d62dcbb8338de71a05426727f9aa5813f9c325464ff78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185685 Malicious code in avior-ganymede-backend-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a4711152c4083ccdb19747bdc390909e2dd6d6c64e5f7d82894ecc60e1fad7e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187169 Malicious code in geomorphology-fermion-aquarius-oscillation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a5dd8df67636856b60e86272fa741e198eaece85c5f95e6c79aa5e1235b8541 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gocay-guga-vii (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48712e04e02936314b5cf39ced8900086678c89861904641f71828473917dee8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avarage-olios-noil (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bab0fc0d0d5367d3546bbea0a80424a641173a3c8e27366f0b6df88c3c2538fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in imuay-avig-iayafucamrfuf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc305fb5369263e0f387f1bec9f859b87faf548e70ede2d4b44f1060da288d91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-181938 Malicious code in flights-ilutg-iduhihsa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ed9d4423450d9581599e3d302c80b2e9fb1dfd097fbd62dcdfe93d0bc52a47b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...