MAL-2025-188332 Malicious code in nodemon-europa-antares-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2621a646e147379df674c0d63c5f4ebb619019eff456c52c35fb9e6f4f8f4cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in global-centauri-jabbah-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e054df192acb5a503fc2b8fab8fe9e53bbb345b829640946de23c47d0fc60e7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in decrypt-info-meta-table-big (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be4883bdd1cd22e99353350c8cdb2c98e0bd344ac3801dc0999b5d205d66f663 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quark-aquarius-weywot-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30996d68f5a3eaaa198028e609182507bbc8d9d2c5693f797f51dc0ec35e1c17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in omicron-final-fire-export-star (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b8844a527e9019acc8bb3b68abba3ed17de545d38e9462732b3d7059d33d20f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in futurology-quantum-mysql-forever (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c6a031d73955fc96cbf2c1abde2b595b5a638ce451b56051a15dcee2c81b161 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in subduction-phylogenetics-tachyon-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d23e85fad2795bccb4695d01f55d114917b907a7cc918c35106dd514064a39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in permission-permission-link-monitor-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5d431a409565d9e8eeb792724e8d57bd258eeffbb797a03748a52fa0965af76 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in static-public-omega-abstract-upsilon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82ac38dd4021854b3cd24d798c971942b5a8610691c7b1bc524209f69ea59fe3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ionosphere-tachyon-arcturus-jasmine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20628fd90048c494290368be2a2d5136b8700e783d74d0b8e85b978626aa1e89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186355 Malicious code in cosmology-levels-terser-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 288be03c8843b42fcdfd629ae8d089e419583efc975261b79fa3e9b75d609a23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189926 Malicious code in throw-deploy-throw-error-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b20c3c771e32c0b392b91da9e97f752eef7fbebc0e9ddce5f5add7836d33d54a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188604 Malicious code in pegasus-radiant-sedna-juno (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c6255ace82aab4d8544ca85c649bcf5880b5b61faf525bccd8b2efbce40f8fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187481 Malicious code in init-venus-sync-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41b6e40d812a9363fa5f719d89f8033b005cc387fbeadb50dac11ca6fcd9ba44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187584 Malicious code in janus-rocket-crust-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57d68df4dd0ef3941fc01f5427a525386ddef1adb2f0de27c41bda77a6971c9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187986 Malicious code in mesosphere-chai-hermes-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c3a859d8b89079691e1fa4081212caa22fbc584c0379ef009eee6eb1c9d5ba1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in air-query-sun-void-debug (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4415629b6f9c34adfd199b9e27c7decd99d107eea9d23f83c216bda3cf37b17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cluster-norma-solarnebula-outercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 310edc185150396d4084de6f1966060af47049a0250c939ebd7dfe2899c1f291 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in awk-encode-good-byte-uglify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e4cca71a4491c633a2c7f274e3a868f88632b23381903b5fa7e387991ebc55b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sadr-technocracy-superagent-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05e53646d2d71b5c3190b4a7f4ce2a5856e935feab0663a1a71b74d83bff06d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...