MAL-2025-188990 Malicious code in pyxis-hercules-scripts-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6a81f666995ddc6c6187d95530b91ea605e66fd4709f426879c3d30977691f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186845 Malicious code in eslint-plugin-husky-pavo-virgo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e746ee6f0fa370fc7f0fb5e7e4e47d2df2a52bc77ffee749e24d95a1f10b426 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190144 Malicious code in version-pyxis-spawn-epimetheus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7caa9461ef60c5ea68137682e034dd31e821e161089f2d21e63422f8d9889d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186572 Malicious code in development-antares-xerxes-membrane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4362fc9df795b9d7cd12a02041fd8a23c9956574057cd907b59e60ecca9a9ebf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189731 Malicious code in sun-bad-assert-secure-protected (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d895d4b0345e91c1f17b7dcbc0cb8bd298eccd311b392650ae6fc5dc7c9258d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stop-chalk-build-less-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12304bce2d2adca285ac9ea833f6164df53f2794ac72a2e3661ee2b7f9968c4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186113 Malicious code in changelog-multiverse-heliophysics-regulus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d26b7c4b39b23830057045d4ac69e6039758294f45b8f6197cf5f5af279e466 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189640 Malicious code in stack-compress-nu-zeta-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 175e67631711d41d02520521df6190627ee39430a578d67183c97e9628a7568b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189939 Malicious code in titan-iota-carina-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae54b5aeb01b3b85dda4f78f0dacbe1fafb98fef139ef198836d50da8dbcd7f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189962 Malicious code in transform-carpo-charon-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9df721a1d001a47a01827b2556b96ff9d55853def17552c84f1c6e05a3172c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187654 Malicious code in kappa-cache-process-byte-sudo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b8fa30fc7c162a6094a97409707dddf8e50e05a0d0106276d65c351e656ef2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187927 Malicious code in markdown-multiverse-vuepress-geoarchaeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc4389cbd599d8b51ef8b9f455d0dff2181aa051854625dd0c231e3d4c364cb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186667 Malicious code in earth-visualize-abstract-beta-pipe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cdcb9e255cb40cbc9b3900e368a05edeb31be8f58530b34dcf7f168ad49aed6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189579 Malicious code in socketio-polaris-restart-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e80f723fb0c38fbfaf0efdc1c70d08acd508343dbd594e403fca9751fb9b1719 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186988 Malicious code in firebase-command-ursa-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acd3d6a206ba901560c4623937d141df01d36bf233f95ebff438b1128f0840d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190118 Malicious code in ursa-testcafe-innercore-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dfce035eabf7825c0a7f26269b5bf0b12829681278f18b5eadef5359a7fca39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186128 Malicious code in chariklo-library-public-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa536a5e403d931475f9787e1461256bb925caed3c743de48b475db4b9bb1938 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190000 Malicious code in triton-proxima-impulse-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb012bc8032df9bf8cc5ab1b784df443d93d149bc076b6fdfb47b22dfbaf7b9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185494 Malicious code in apex-titan-babel-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a01730205c12d694b2acae4ea9b3af03584b9f34e2f92fab62e45846ac5136fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189165 Malicious code in release-it-library-start-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 348aaa3d96cbbca9efb6a3b8e5c7e01f9bfc1413dce9e60070864b028329ab09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...