MAL-2025-190091 Malicious code in upsilon-decode-long-socket-final (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0962f6e8da2e588484b33fb5c75f660402e645c56187e064048d31ee6b4a4e7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187342 Malicious code in hermes-child-process-apex-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a281ad403ce48fe80ffae106c96e750395afa994deaa511034c881291b3f006f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186194 Malicious code in code-interpret-finally-decode-cold (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bda77329400e2d6d937de5ec4642461363583de5cc3bc09ba36c5270ced52d51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in uninstall-semantic-ui-await-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d54cdc877af56ca1cfb7dbad3c96a744be26cd760c76bbef5ee6ca64e03bc210 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187846 Malicious code in log-info-good-promise-user (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72c03b63d7e6ec2e8f5732886871961885d3492ff65521a2d134fa374464187d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in daemon-container-rain-route-reject (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c4f1f147013c5221da2228438178465ed4a4ee42d1b44fbea669e51ffe08947 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in promise-carina-astroinformatics-regulus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2014f330645c8ea66f04b127b546ef18c580803da86446ae01e44eb618d71419 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in magellan-neptunology-extremophile-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 253a620c17f19c1814d5c8fd8bf86e3437e5d6da93e3ab045fc1422e186796cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188639 Malicious code in perturbation-bulma-mensa-eventhoriz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d51a9c3a3b80be94feb024b2c0609f78f69db01e5b8cb7bfd485aa825e763b56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188146 Malicious code in multiverse-jsonp-mdx-commitlint-config-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 318b505452a0445439130fb4c30bd9bc2c4afb2b92ba690f9cba25b020aa08cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185970 Malicious code in cache-umbra-geoarchaeology-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63b325ee42e9c4fb0b6333f6448be22adc3ef9fa102f3529f68c8eb58d077bf4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189396 Malicious code in secure-eta-throw-index-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6ef07f6a8d07c9ae7049f63ac2d5a0c363e46cfda057c7eb6353624e949ce2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185703 Malicious code in awk-encode-good-byte-uglify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e4cca71a4491c633a2c7f274e3a868f88632b23381903b5fa7e387991ebc55b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in local-ariel-elara-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector baa489e4c2ddf5f4b238f4e89d02e3d3631e672743ec0775984f02753467568d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cron-optimize-thread-cat-compile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9360878b2094164d130608fb02dfdaa3184fe80b8eb0505ba05f7980819859f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188257 Malicious code in new-mu-sigma-float-visualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fa21d505506eff18701f8090ac5bb4a82a953082bf6a4a64fbe6fd639435403 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sonic-kuoig-timesexa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1defef4ff8e5a745d48d7ece087d36ad1f21dbe727e8b3dfc8b264c2af40e61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183054 Malicious code in item-at-duoa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5267a3b47c206b3782dbc59c83f9b94b4bdf049b27becb26fb05727cd5de951 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-181598 Malicious code in astam-if-dabbamikumiak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d20051494bc401e9c62a1385967639d2dbda39b84d6071bf615f606f586833cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mitali-dn-ujokul (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f5fd52e18dfd32d14a0a43ff70300a73fc18209daaa99e0f99f9830d0f0e121 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...