MAL-2025-189306 Malicious code in sadr-nodemon-cosmology-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fde5e4eff09a33f1389f7b207284fef123917e01d69344dae811a66121796ebe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190399 Malicious code in xml-proxima-rest-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a1102d2c7aae26b1696c4937b33f1603f7e0cb43277d6af00d48ae46b44ba92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186288 Malicious code in configstore-quark-sync-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30c3b67083ef101f23672989003756131308861e71de005811d2edde2b5f3f8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190453 Malicious code in zenobia-nightwatch-rigel-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7808ebb551c621154690455d041307a57992b39f029c79ff41c3100a0a06b108 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in redis-acamar-terser-webpack-plugin-deneb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6796676555503346950febf9220667349738f8b77d07e9b3bee2eed252988ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in deserialize-rain-stub-alpha-socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fe3e3ccc671a2079a03fbc27a83e769b85746d020ff909b6623c07efafa20d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in html-webpack-plugin-deimos-toml-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bb045f13fdeba200e83090bae2409a07346335c9f563b24f275cd3404d87132 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186682 Malicious code in eclipse-ursa-element-ui-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60b2f32fc1e6c1adb25c4d848fbe498ef1b40cff343779a68a89fa75d88f08b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187138 Malicious code in gemini-hercules-orbit-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fe0e579d0dafada0cd5327982bc2a2ff526ee05793971d21670cb99531d451e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186323 Malicious code in corvus-darkmatter-titan-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ee347a8414e37c2db0dd852e5fcce8e90db1d785146cb6c111173d9d2a5b048 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mui-xerxes-proxima-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1c12bceab74b6419a10feede58b31581319ad3c2259073f79ffd2d6f2445171 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185397 Malicious code in aether-start-lepton-mdx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e36aedbc551c0fdb6d6a164bc853c5330db99a2f5ebdc2bd7c415435ac4acf66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188549 Malicious code in panspermia-seismology-yildun-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e927520f20267093119cf7131661336e17c154be2ed667440613331992e1154b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188893 Malicious code in protoplanetarydisk-prettier-stylelint-jabbah-sagitta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb0ec18ef13c4eba082ad93c59132fefce6e00204e10ea87e8e9685f5035651 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189138 Malicious code in regulus-stratosphere-gravity-ethology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93fccfb2ae38d00edc4b5bec8be5c645ec916c9b0d26399bc5ebcbd585a4e899 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187823 Malicious code in lithosphere-inflation-antimatter-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e8af4d7870d7ebc74d3b285580f0b88bc4297bcd5f66c88ffbf251ba78c21c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189023 Malicious code in quark-perturbation-lyra-link (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ae7d9e05afc9ae4b162ef3a5a90926fb02dc43eff61ae5189e999b8eba1ab58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186091 Malicious code in chakra-ui-sadr-yaml-less-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a073ff2d6f60d319212474b26295e2faeab06927317a907039f5600ac134ae0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188842 Malicious code in procyon-cosmos-mutation-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b5dcd12fa5035265d7d32f99a552f3818f4eb9981fd531d05e5b06531dddd17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in darkenergy-config-pulsar-development (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8854a12b87261a151a85d4e343a5d654007ddfc614096e8cc336e831d3deaa61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...