MAL-2025-187306 Malicious code in heka-mdx-kaus-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 272c8eefdcedd52dab7dc0dd7eef12e6f770658cedcd0d14ba9ec787e9ad9cb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in archaeometry-accretion-avior-panspermia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75cacb75c83f3d611e28110f6eecd72ad718397db46669eab7ed2b3d26a8e33c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in config-pipe-promise-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f02106f4c3f458d8b414958c8d64a06a816b5900d86f0c97e5f3832b61b9f28c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in earth-protected-gamma-test-star (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607017a42bce9e56670763a33b409d170584375240403b448fd7b4741454f5f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in easy-emulate-try-psi-balance (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b725c2958c571c434e5ee27ebe65d6524758ba7da779226c50ea40f71bbbdba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eigenstate-spectron-loopback-wormhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0460ccbfd41e51a0714ef69bd00401d3487ca8ab7f70a90e0377723fddd725c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in neuromorphic-cybernetics-cosmogenic-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 160b9ee422b1614bc10ab76b17cfd59829dd820e115922f452f8253b0f2750f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189186 Malicious code in repository-heka-nestjs-mesosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 280a9a067b4d3a3569af0705929db53acb6d1cabc8a723c0f0e6fbe9a4024fb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186635 Malicious code in double-rain-protected-import-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8581e04e65ec57750c45a77518bc0bde32027cce7cec3092673048972abc390a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186137 Malicious code in chi-mu-socket-cold-small (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0c962890667949b1dda36ebe56787555eacad6d8b589542c2a0f944f45c3d10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186332 Malicious code in cosmiconfig-xml-rehype-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c337d51a5afe782ff83bde8f55685686a71e8d4b23d52af00c64f247b76db8e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186826 Malicious code in error-fast-class-visualize-new (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29ab6287114c993123a1c774b449f01bfe2dc45a5f5b310517d84dc224ebd170 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187961 Malicious code in mechatronics-deneb-bunyan-radiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d599caec2bfcecde9b1d411603b07dd551398020115dfb5d3378fb712c2a9951 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190315 Malicious code in wezen-paleoanthropology-betelgeuse-asthenosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96cd5dd57c26dcfb171d2cac13929816f5c301752a421417e4591099fc8d6eb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avangi-oliutka-tabar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86ec69a80dfb84c03c5a4b2d9a9f81d697315a8ff78bf65062dec25b79bdca53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gocay-guga-vivi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector addd1a4ad3f3e7959b7e1f0bdbf392ad038ecd9a2b1573ab57ea8c9a8cce1954 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mok-luni-huojaim (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 126cb5404315db1b43244f4afe3b8d2b34b2d80d534e41a150acff53ca551188 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in odasv-knu-bobacuvolafin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d1d4768a3e0845bb0f0807740cdb6d4594db1befc93475749a64405cb1fe188 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in oloc-uyg-ugoofifadiahi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b530559eb17999e080904c04f92b015c7dc40f11441378bfd71b03a49071c70c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sonic-kas-faga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 839911df5eee7c783c483105bb63bae889a776bb393bcf77c80e808af55216cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...