MAL-2025-189521 Malicious code in sirius-registry-webpack-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c310c475846e8ee5e7c18a1b32e566c7929067fa02791639c37510e9d7820c0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186370 Malicious code in cressida-prettier-plugin-markdown-pulsar-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b47904204a0330a6ee88de485827845d0e3e0d640f5d1de7eda6c95644ce085d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186146 Malicious code in child-process-stratigraphy-subduction-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e7c49dd3945225b658c5a51f33c18f72ccbb43fd246685797fce72947468f0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185411 Malicious code in airbnb-test-betelgeuse-gridsome (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34f8c54d1cf82e48e21e0919c55c28945ae75a22c803ff46452fbae803bdfe1b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188529 Malicious code in paleomagnetism-playwright-blackhole-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a3ac923ef3e0b0386e7575fe8798cedb5b699921978d28e61fc8bdbe8f8eaab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187382 Malicious code in hugo-build-configstore-rollup-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9153c124f5d5e6316c12ad12d229ee3d86fb12c8b46821aa50e1b4c2d6c78a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189664 Malicious code in static-view-warn-cluster-catch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8959878fc66db7bfa787bb8fb77224a14a0c6f77599a8ba842e95e295d4466b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186985 Malicious code in finally-stack-error-cold-assert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 851d0023f1b630511561a3a8277fcd85b55a566b9ea984b4ba5f4e35d51eb296 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187434 Malicious code in import-debug-compress-byte-long (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ddbf7d87c43bede607efa42308f8dc04a23e0da9d2a8b4f38190d92b71d8080 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189909 Malicious code in thermochronology-gravity-commitlint-element-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75579a959d026eb2c03145dce2aba38b593b3073d09b2b1efbd3643c2b07e8e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187813 Malicious code in lint-staged-inquirer-transport-hawkingradiation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfbb20d4bd0ecb369e109ab32d36b1f7d0610fb45df7d23e8f9bbf0db5f3c22e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190014 Malicious code in typeorm-csv-troposphere-socketio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e73547aa88679589280af7f97832cc643441c415a7b0c69aa00448db76023b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187511 Malicious code in interferometry-paleoanthropology-innercore-seismology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5111570fb96c1ba759d258ad82f85016f3ea249aa5656e2e525ebc6cfa974bbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186450 Malicious code in cypress-procyon-neptune-epigenetics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e2913afaa34955cc3427e4afa8d9aa00515de6fd22785137fec6b00482eac91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188394 Malicious code in octans-yakutsk-dotenv-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d751656f2ac7efe86e47c25583f93d9ae1536daffdceaf849d3483681ba1dcc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188645 Malicious code in perturbation-thuban-neuromorphic-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2fa00f740ade73172c617afb80c51e53ffc4ec855be446bf8bdebf9b4ecc976 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190135 Malicious code in vega-toml-hexo-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efb24c32e4d09b99287614e8f188638625c244dfd0b4f79bb5170f0788ef9b80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189542 Malicious code in slidev-webdriverio-geodynamo-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e40b8ef2ca4a1c55c75b881b2d9d0b2cffd2b53d5be554752f1411031b944caa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185977 Malicious code in callback-kastra-wolf-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb66d5a617c669b770ffbb95615634599f72d7c637d3c6e848b38743c7a75bc8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188705 Malicious code in pino-pretty-kuiperbelt-vulcan-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d01b3bf19da8542bfc975fdfb7a80d55b99366b0702f190de1439f1a90fa5fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...