MAL-2025-189324 Malicious code in sagitta-tachyon-rocket-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87105f7a55705922e8228e6ee258afe22d3eafa3dd23c68fa837dfbbac199b56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189223 Malicious code in reveal-md-cladistics-brane-blazar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3aba1890cc09a73e9c729e70b806349b00973870edcf90f85549e6e946745d97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in commitizen-eclipse-sadr-chariklo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 003be40b652756a8eba0205c1a4a61f63cfc4136def4cf7aa389bed75aa2f8fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189980 Malicious code in transpile-pi-cron-secure-double (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f79464e911dab89a693fca3631620c93984804f8b4a48f7c6061aadb4d7620a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terraforming-astro-virgo-toml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a183fa87002850d00bdd17934b7cf22fb2ada6f42a83f55d806e8be99a42534 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189585 Malicious code in solarnebula-nextjs-start-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a158f05aded8cc14a93cdd7ddcd71a02ef799b562af59a0981fea88e286fb34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in auriga-eslint-halley-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbb0bd6588a9174fc25cd49a2b2bb3fb8a2d06d58e3da4b7775a007a7ce02483 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chalk-paleontology-quasar-taurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b24641a7a7948c44221b69d921a47de7c481a7594a92934261a4bd26cd30b58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189418 Malicious code in sedna-rigel-package-xenos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b74aa10afb22fccf556586d4350aa1831e973a396137a512cce8a0fc6cede946 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189319 Malicious code in sagitta-publish-wasat-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cb333963f806358968a273c2116974e640b3616d2d94f90aa813485152c384f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188428 Malicious code in on-quantumfoam-nebula-cosmicweb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d58c1cfcb579fb334f21a1208f5ba22ae4fc14bffe6418fcd65e27dd13c7715f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in itale-adci-ggmatondanggangtengdytdjdbyru (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff46ca8a0a825dab2f4ed2e64e1f6c1320fb51bdff41a8d05cee45f6529d4256 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kisut-dfg-db (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eef0e64050b1149e8e55211d1b9c3f15498e6b8544761622a4a1660b8177181b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tunis-kit-gahufaduudi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5498b3305aa87b228905ad9e664e11b8fa8aee18830a0be667e78baf206007c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in unise-kit-bogavi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df1e9f7fe755e50439044873fa2790218cc859a9f306ab853f68105f2350652c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-184229 Malicious code in modasv-kuu-bavoisiyabu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d82d904f3e485fbf044db226f9b580d8005fa95f69ea6aea9d082b3106a00ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in teate-thy-sonic-gewho (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3396571e2f3ba24b28c8c5a6400d381341aaf340c511f2e87834f1fa204c1e8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lookingan-jeje8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93d87cdb345f1694ec5991dcd53cbe132300c07643fea4ceffb253844596975a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kiut-acg-avefivubug (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b8a7ab6f530f7639e392312915106e24d5b8eee01bb599f4a368c5703fde007 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in anabuyil-na0n-nitnualuki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e6be3eb0b694127f8174d66d896eed51e1b9306e42ed124eb8e004bf28c30c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...