MAL-2025-189018 Malicious code in quark-dotenv-safe-run-script-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4a6e17931e4aaa6fd168c9dd241a0af9cc5a149837770053fa39c03d71da231 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187648 Malicious code in jwt-polaris-accretion-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e37b2693cb2d609541e5af2ae1c48dde95387af1a4eebbc1098447fc26eb9ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189805 Malicious code in taphonomy-neuromorphic-cressida-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12c3f8ac8424eb2fd06c7645a3bde838a9dc858cb027eef1fa0343a1bdc4319b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186137 Malicious code in chi-mu-socket-cold-small (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0c962890667949b1dda36ebe56787555eacad6d8b589542c2a0f944f45c3d10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185745 Malicious code in balance-public-new-object-nu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e4bc6026cbccdbd46d399f7ad4ad79e78e3f51369f9d5a0619d82b3a0f75f5b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185439 Malicious code in alphard-fetch-electron-builder-levels (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e9630f529c3a2decf0296dc89c233694d4d75a41419bdca5403cc0224582f52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186901 Malicious code in exobiology-mesosphere-warp-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e12ca67e863aeca5a4e51817e36d62430844b2932ebd283e47cdfa0280a5d43 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186132 Malicious code in charon-transhumanism-zephyr-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e9cc4151f57f8ba05200f8b1ba05028c6a90c94b8c52f8a531176c4da4af830 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189067 Malicious code in radioastronomy-readable-proxima-sadr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12c1e2c1751d0b64e7e0b20911f9d0aa01575ad4dd030df8d55c2f0a5387bded This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188381 Malicious code in oberon-mdx-hydrogeology-bunyan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03f7ec2bd6822ff1708b0250bb0c57bd1da996bc00fe5b964037082fc9942ea0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185891 Malicious code in bootstrap-kastra-event-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a2df2510f2f174eab60a7a3916ad6759fd87b80db2bd5c6f9164cf9fcc0be69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185839 Malicious code in biotechnology-enceladus-jovian-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f3c36919a7001f229303c0e8f4408d4ac99f412e66f6940bfdac27e941ef40a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185471 Malicious code in antares-parallax-publish-innercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e07fec6b828a74f076cb5efeafcef72a2822472cabf3a3ec7922699a1283b9df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186449 Malicious code in cypress-phoenix-higgs-chromedriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1790af97737c369218f83515854c87aac6243d0a77963daa49b5f8de55a8d564 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189146 Malicious code in reject-await-hash-try-try (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 623d2820b9969642342638ffdc496c9ef3853f209f297e48f6c68e39d9ce22e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190013 Malicious code in try-stub-yaml-query-awk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64d7afc6d4f0fe68228645490da6a101c05503ade1edbaa923ccc4560f7632b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187382 Malicious code in hugo-build-configstore-rollup-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9153c124f5d5e6316c12ad12d229ee3d86fb12c8b46821aa50e1b4c2d6c78a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186485 Malicious code in darkmatter-build-kuiperbelt-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93483a80d5db917b2f3fe12b078b1cee95149534d194f3f15649c715de1c34e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186282 Malicious code in configstore-centaurus-writable-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b4d2836adf3fb394b565c00ce08f4b87b9bb6ed7d0f8a9228fcd46d24a9735d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186993 Malicious code in firebase-selenology-blitz-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ba84248994554254847bbbe7d4d7c2dffadaba57bdad95b53540b7220944baa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...