MAL-2025-187330 Malicious code in helmet-supercluster-release-it-technosignature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c7a022452e3dc430840391ae69399409360dc46577b5416d489a22c8a8fdbe1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186868 Malicious code in europa-fork-andromeda-kinetic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f06c976d398e6600330ef91542a8aa6d3f7aa644912faa1db980b04078a6339 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188150 Malicious code in mutation-augmentedreality-archaeoastronomy-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d350f2ae2d91b828a2e264f7f2d54908fc2de495a298a5dc6b69b023837e517 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190039 Malicious code in umbra-jekyll-foundation-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c106822cf8e3fa26d502751c57e0f20c137335a06eaa078c6724cb7fa72d9938 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189382 Malicious code in scorpius-vulcan-postcss-loader-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31aafe3c03afb0cf93ac268b63551892f5e8e9ea5895715091958bea3218dc80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185531 Malicious code in archaeometry-accretion-avior-panspermia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75cacb75c83f3d611e28110f6eecd72ad718397db46669eab7ed2b3d26a8e33c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188740 Malicious code in planetology-virgo-archaeometry-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a306eb5c4f40ca9eed5e5358af762509f337a8152ea0a8021b334ad4454ef58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187306 Malicious code in heka-mdx-kaus-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 272c8eefdcedd52dab7dc0dd7eef12e6f770658cedcd0d14ba9ec787e9ad9cb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187155 Malicious code in geoarchaeology-ora-titan-restart (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a806a3cf3dda3c3eebe62d2f064979deff4dc5be13189bf1b05b046a1a60a856 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188091 Malicious code in mock-easy-tree-long-cloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 024026dd3f4783206bcee83b487c028a5422ea2faae10edb1bb7f221102dee15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188832 Malicious code in process-daemon-pipe-try-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 316ddbb2ffbd1c43021a6c11d374e9f08b52489cfe301ca4161e0c5bb3169d93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187748 Malicious code in less-astrochemistry-ceres-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce97bc6d36bcde07bce91a015dec579ae6795f061e92685f77111fbb9c91bc6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189019 Malicious code in quark-eslint-config-materialize-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f14e76d31b688dacef1a496176a9ca1ea81b594b81b2373404d54a5de86a60df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190043 Malicious code in umbriel-bootstrap-polaris-comet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c7e22f661b3b8aa6ba56ea19195787c22f7e2c718cb13c4698d74adefd90d00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189091 Malicious code in react-bootstrap-nightwatch-levels-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60b4694504f4410dd51f8425128c7f0ff89ad0ced5e6287410c9132f7f235c9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185887 Malicious code in bootstrap-cluster-fornax-link (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f68c8b328a4fdb50634ae09eb0a5a69120d6aedc072cba9562ccade41a2e33e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186276 Malicious code in config-elara-leda-nucleosynthesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f2123d7611a034d49ef6a64caa8bff9b92b21e5a41dade96f42aa0c7c85ccdc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189801 Malicious code in tachyon-vortex-bellatrix-csv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec5822972fbd20e17b527df3dc5f1fc0d18bc0328f474e68ac68715f30e9fca2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185401 Malicious code in air-epsilon-zeta-key-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3315bade14bc91e0c028f375cddafcc7a08630f221281feff53d52abe8355d54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185731 Malicious code in bad-eta-encrypt-error-signal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1430a541231c581ecaecf6111ee0646d539ec2f560fe6401ba786567cbe1eef2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...