MAL-2025-186972 Malicious code in filament-tethys-brane-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fd79b06d69f04ea8b0388bfa6ca124a65859009529152dcd4cb8413e3089e76 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185891 Malicious code in bootstrap-kastra-event-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a2df2510f2f174eab60a7a3916ad6759fd87b80db2bd5c6f9164cf9fcc0be69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190432 Malicious code in yildun-cors-convict-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e182958aed938d1d33b5393ba2c0969ac423439fd20bc34e27524d9fcf1e2bf7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186044 Malicious code in celeste-selenology-socketio-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3b0922b492f0634fa8fa4185e4b832fcc9ec8b78b6a8021ba713ef2be87ed22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187436 Malicious code in import-log-monitor-rho-function (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e0aa8e668ba36d4d41ca2d43ee6c401b9c982a3750a080700e0fadd64b7ec5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186506 Malicious code in decompress-simple-lambda-container-meta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a56f01a80d1fe9a2a4e14344b3a37f67f649c9c2f15d90b3604f6dc5c138e22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186059 Malicious code in centaurus-biohacking-mongoose-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d482681a1746eaaa1bbde7130dfb8ec74d55c296d84140f66286c3dcaea82c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188007 Malicious code in metalsmith-ganymede-gravitationalwave-biogeochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd371531b6504d7302f781d1d49aa918cc42e03fda931b017ec70b39844a114a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188705 Malicious code in pino-pretty-kuiperbelt-vulcan-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d01b3bf19da8542bfc975fdfb7a80d55b99366b0702f190de1439f1a90fa5fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187721 Malicious code in lacerta-polaris-tool-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e14658508cd2a68cf53158830bd8ec585bd27f436ddb4ef01bbd48b3cf1384b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186993 Malicious code in firebase-selenology-blitz-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ba84248994554254847bbbe7d4d7c2dffadaba57bdad95b53540b7220944baa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187263 Malicious code in halley-antares-lint-staged-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08f510611717755cfc51a3e5909c156ddd315996f9da4c82cf4c9eb2a674cc57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186484 Malicious code in darkenergy-style-loader-style-loader-node-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b63bf79b92c5f6a95a6dce7dc164aa540cba55e4dccae81f7f45965620fdf7ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187579 Malicious code in janus-radiant-avior-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3482009acb57d79c98b331584817b5b1aa0eebce9c890bfefe12f45ffe90242 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186346 Malicious code in cosmochemistry-lacerta-magnetosphere-reveal-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08d0d5db9b30a391c486f37cb6ced3a4f296a525efa9c588f34a6a3845fe226e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186843 Malicious code in eslint-plugin-fornax-auth-dactyl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be26c82a94b33272a9b5391a0f7fe3a8cb9d572639e42301d598f6ff497f416c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185411 Malicious code in airbnb-test-betelgeuse-gridsome (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34f8c54d1cf82e48e21e0919c55c28945ae75a22c803ff46452fbae803bdfe1b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189542 Malicious code in slidev-webdriverio-geodynamo-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e40b8ef2ca4a1c55c75b881b2d9d0b2cffd2b53d5be554752f1411031b944caa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187208 Malicious code in gravitationalwave-transhumanism-repository-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3b0e9fc46c6a81836d9315a840c93c66bcf3f1fb14630364d0c78c0758fb2b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187285 Malicious code in hash-test-interface-emulate-file (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f524f1afedfa738d87c851fd64489dd7316326988bad14dff7db8b77e321a265 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...