MAL-2025-186925 Malicious code in export-zero-orchestrate-zero-compile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5af09b797e4f7aae7c05dba3d89244c143d4393bfb4489b7d6453160dc763868 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189958 Malicious code in tool-tailwindcss-cosmology-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 024cbd055f4aa386cbd24118ce725f651db3fc425f37acf6453c7e535d8d1d1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188101 Malicious code in module-palynology-kronos-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbbb0c80c490b51b1c0db117fe652f90324d49f399fb71d1be2c441edfa21254 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187391 Malicious code in husky-bulma-nebula-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 029de86705f76c06a577e00966fac5cdab3d36021be7d50cec1844bd03f7b785 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185891 Malicious code in bootstrap-kastra-event-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a2df2510f2f174eab60a7a3916ad6759fd87b80db2bd5c6f9164cf9fcc0be69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187795 Malicious code in link-sedna-paleomagnetism-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89f83ee1bfae66dc7210489390d14334111a3890b2209f274fdf0e50672ecaf4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188645 Malicious code in perturbation-thuban-neuromorphic-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2fa00f740ade73172c617afb80c51e53ffc4ec855be446bf8bdebf9b4ecc976 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185655 Malicious code in aurora-nodemon-whitedwarf-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd97281221fe89d74fd42bfb63573c9c1be04ca2dd3dff73ddf81fe566bffadf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188324 Malicious code in nodejs-cosmicweb-chakra-ui-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93a5092226cfdaec9107ff680820108c965f38859cd60ac2915fa0552cf83dbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186370 Malicious code in cressida-prettier-plugin-markdown-pulsar-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b47904204a0330a6ee88de485827845d0e3e0d640f5d1de7eda6c95644ce085d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187761 Malicious code in less-pavo-restart-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66a129e765e40e8dce28ab9e4ec2c9ad3d9c0771c06a7bc9dbd4186cb47a879e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189421 Malicious code in sedna-telesto-webpack-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dc3a8b377d064eec4fc94c2c9bb78ddb6977bd0cce2e213300540e3d06c6e32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185893 Malicious code in bootstrap-solis-bulma-zooarchaeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd3c4b90b728e10c24b350f3bbaa8da21ea46f25f548e1c3a7dbb67672704c24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185804 Malicious code in big-star-kappa-alert-report (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 277bfd448c229fdf8fe8efaef8c464ce08c287881a335bccea1a5f1dfa93ac74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185470 Malicious code in antares-mui-tailwindcss-cross-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 067a0e5dade1c5f0ae6c894ea1e8b4d693b3a1e53e38cd4d80448810ccb006e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188327 Malicious code in nodejs-oberon-ignite-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e482bde61fb3e85e4f0ddaf6dbd2bc2b7e66e9546b44fb6bde77934921f5482 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186827 Malicious code in error-root-long-sigma-interpret (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db058b9bd6e68f4c1d3980b659c41874e6030029b47dde99d2f248f0cc0ddb43 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189142 Malicious code in rehype-darkenergy-neptune-taphonomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff8e7dec04b1f7848c420cbc1d806bb0e2aaf9933831e68559c22c7c39a63051 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186608 Malicious code in dorado-jest-gatsby-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3af9de4e8e9dafb88bdd63a361c5362004e17237ed4fcee7acb6bc660c15eecb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187208 Malicious code in gravitationalwave-transhumanism-repository-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3b0e9fc46c6a81836d9315a840c93c66bcf3f1fb14630364d0c78c0758fb2b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...