MAL-2025-186208 Malicious code in colors-rigel-bellatrix-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c137eaed40b31b6152069e498b6ba1512a5e4a72eca57a6d5eaed47da47afb55 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190274 Malicious code in webdriver-mocha-nightwatch-cosmiconfig-despina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de3cfc3b8c341c20b4e8af0757b87d8eb021f0af5c7c338267d8024659a8cd03 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187721 Malicious code in lacerta-polaris-tool-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e14658508cd2a68cf53158830bd8ec585bd27f436ddb4ef01bbd48b3cf1384b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185410 Malicious code in airbnb-oscillation-commitlint-config-angular-palynology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector baf800470a1681acff5740acba90cbf70748786015854f1268ff0cedb463fff2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190136 Malicious code in vega-xerxes-meissa-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b63abf6534ea99f2d7edbd9fec922e534d5a525a6f21b8ba75ad9525c2a485d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187973 Malicious code in meissa-pavo-asthenosphere-aurora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c245ebc6d662cd2d791c2a665a08b64c0ac325a3faea4ed570146f511d921147 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189123 Malicious code in refactor-socket-container-wind-sigma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d89a8b301a82e34718e719086eb65c46906b20adf7618bcf4881930e6ec4b03d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189054 Malicious code in radiant-event-bootstrap-geodynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d884f8f8fe69d800ff13733a4da5865fd63f1846cee21ddf7997124ae41773ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189951 Malicious code in toml-superflare-rollup-algol (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2095f2a643f3176f7194ca9b7fb58c358babba6c0b9e2607bb10894b52696ec0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189723 Malicious code in subscription-jsonp-metabolomics-hawkingradiation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73b99ac4b6d1f2920c9cfeb64b32caaef526384c1277eb268f9495396666671b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189610 Malicious code in spectron-mini-css-extract-plugin-enif-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77bf4632685f048e884c1d50e6b8ad6399db3c7078098bf8b61b8d61dd7d4b35 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189634 Malicious code in sqlite-duplex-robotics-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f41fc7d49409f364c1793b954a916bbb4f8dd865b8617e989669637876bd85d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187603 Malicious code in jekyll-nightmare-juno-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 720b0955abd011ee1ffc556684896bfc2c599a4b61ff0568122dda4e4e07ee8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188759 Malicious code in polaris-asteroid-oscillation-australis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b7a8b10557d3b8ac062dec69414470183d5bbe9cf999cfecb684e5dbac74a09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190150 Malicious code in view-omicron-unix-compress-authorize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d86eb2e159a609113cfc2efc8435ff741a9e4a3d864ae507fe6a729dd0058b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190115 Malicious code in ursa-protoplanetarydisk-electron-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43730eff79ee89795068b5ee0c4f33390ceada895b6ece6e610d5bb830bc250f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187644 Malicious code in jwt-antares-chakra-ui-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9411bd44509f93d667ced5c6dbbb2a8adf996313e23fb5f37005d64f9a0e6f22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185923 Malicious code in buffer-package-bionics-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1fd405157c2817e145d01f5a76694010a00124749169424ea157e463f04adb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187907 Malicious code in magellan-vega-phoenix-hydrogeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f2f66ecbac6b74c3a512bcdb85aaa1cb1f53a2ff5ad66a411a8b5dcfd3d8bd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187143 Malicious code in gemini-query-adonis-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88dc675516f0b833eb0fe5dc36d4860582128956738b97d038115774134b5bf4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...