MAL-2025-188187 Malicious code in native-transform-nightmare-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cb8bba835dd74110960912c898ffa95ea4d8f290d3a2df21d8a9f8d597f9138 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188753 Malicious code in plutology-meteor-xerxes-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbb5bc61e9eac228156b339e33b38872ab4c63538b4ef99c2269a8dd85462dd6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in koa-callback-postcss-loader-webdriver-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da289d643aa3faecaf7175117c401810c7e8057d922808fb551774bc12f9d353 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186140 Malicious code in chi-short-export-assert-execute (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b9a5aa5e0c64e003069b43ff89f71a2a040569317baf9e7ba44dbaaa4ce5f97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190055 Malicious code in uninstall-semantic-ui-await-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d54cdc877af56ca1cfb7dbad3c96a744be26cd760c76bbef5ee6ca64e03bc210 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189711 Malicious code in subduction-phylogenetics-tachyon-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d23e85fad2795bccb4695d01f55d114917b907a7cc918c35106dd514064a39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187705 Malicious code in kronos-ichnology-dotenv-safe-seismology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6c772d9ee172d9d8a4149b89bb7e9d6739711a4032f4fe5a817bbd35ea114c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186726 Malicious code in emulate-tau-grep-resolve-decompress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 537111f2ce71d83f483cdf19d12bda80c8b9dbbb1a5081022d1fdbd029694e33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187095 Malicious code in gammarayburst-neptunology-helios-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1639aed73bc43db96f2914d88cdd73979fcf54d713614aede5317f2945f3d59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187833 Malicious code in local-ariel-elara-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector baa489e4c2ddf5f4b238f4e89d02e3d3631e672743ec0775984f02753467568d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189333 Malicious code in sails-soap-link-webdriver-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1eacbc309f43b7b1aa6ae69633d9efe8c8721438d82fdf6da228ed4f8738927 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186807 Malicious code in eridanus-geochronology-element-ui-io (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c70e6b62e3a9f2699ecf4f192f3066aa1df8d5e90541a43a39c446e93e35fdc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186936 Malicious code in farout-colors-hologram-mini-css-extract-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71c99fa5451f2cc2dd0102d63f87d4f740d4e78005ef2ea86783a16a1d892269 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185942 Malicious code in bunyan-areology-glaciology-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cfc2392c12292c74ee9da395bbd7057c863a1871c93f00572733f8d5995f513 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187656 Malicious code in kappa-encrypt-public-rho-boolean (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 656709df41c0061ebd217bc1f9d8008060baf2008b8c7f3bdce9147727b37576 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187763 Malicious code in less-radiometric-hydra-xml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abc59368ee0d7cd8aeb4f95689e120819ddbfff2c7c82266ca7fb17267e694aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189993 Malicious code in tree-notify-fire-resolve-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58286446bdb6c6f5f5005a6bc809b0344a781e5d24164ab1e56e1fe30e434940 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189536 Malicious code in slidev-odin-charon-pino-pretty (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10a6f20651e71b9191c950fc2cbdba6720c98b9935f61ba97cc07e440604538e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189831 Malicious code in taurus-request-hyperion-subduction (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 805221cf5a62588c1c2a9e61e0875d0fc1e09945259c7a29162ba921752675b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187488 Malicious code in inquirer-loop-airbnb-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de8366fb7af261b96acb44c44992384f7e1c7b11ce57f40c11ab549619a5a443 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...