MAL-2025-188335 Malicious code in nodemon-meissa-outercore-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba2e23c45539583f659e07b8c25c6f64355c7809af168ed58fe5b4b1e9e94297 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189249 Malicious code in rimraf-webdriver-manager-impulse-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5fefd7243462f1f8ccba07dd065e1afd7207e0a92494699f6c4e5e02d331673 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sync-decoherence-xanthus-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 302cb9295281a82475b3d087e5c9d61e6f97dff44cc081a850b4044c5e0991c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186416 Malicious code in css-loader-mui-wasat-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e53cad67075a8415d525e1cafbcd4ef14fbb3971d78c9c0a1085f10f86fb472d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187029 Malicious code in fornax-chariklo-sass-loader-parsec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 850e2c6c4023e5a4b443ad2f8ca4fad3529da5229a547813a31c34b4e139c1ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187138 Malicious code in gemini-hercules-orbit-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fe0e579d0dafada0cd5327982bc2a2ff526ee05793971d21670cb99531d451e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188621 Malicious code in perseus-cordelia-google-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecebc93fbcf3aeb606dee2d52f301163a9c3530562ae4bc4d9ffc92e5b94d41e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185756 Malicious code in baryon-sublimation-apollo-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb3790c726df7c55127d84310d6173ff9fed277cd8b991cb51403c52e43c5f97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187276 Malicious code in hapi-orogeny-tardigrade-rate-limiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87cca49ed0443fcba435da5ad6b7b18a4587c6827a86961106867224991472ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188192 Malicious code in nconf-middleware-extremophile-cosmicweb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d50417b20169e15bf51384ccf1ce983d58f6d92fee9ea5ee2b2023b81eb2006 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186422 Malicious code in css-minimizer-webpack-plugin-hugo-gemini-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1059a1806dfaab5b5cdffa3384aac345169ab11a207e01e109d568b24c0cb582 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185657 Malicious code in aurora-transform-protoplanetarydisk-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58b1a5eda36b79e09cac5aead692171647a585f3ce244f8b85524005bd4e6526 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185619 Malicious code in async-graviton-webdriverio-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adbeaeed465424e52a3a1c461e253d7aa23522c4d71e215bf651ce7fc5cf5a79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189471 Malicious code in shell-omicron-dog-bash-simple (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9773541d5d024eb6ba320252005f48715f06580b91dc6b9da8e16df177b7266 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185672 Malicious code in authorize-code-bash-encrypt-abstract (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd5863c4c6b7c7c4948eaf1cdb4d635734791e194435e929c9dc3d24a822889e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188902 Malicious code in protractor-stream-frontend-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0484f67f780b12ef69834da07acf3c1fdf3692c3ebaaf2e4cf41fd024ecdeed3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189026 Malicious code in quasar-astrophysics-less-paleontology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 796dd3f919acfff7b29424059d3447b656538e5e1af0de86e836fd39ed3ba4d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185761 Malicious code in bash-water-resolve-unix-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aa208583cc81c4598465e3b44b85048c1d4a747fe9087200fc8eabae365d5fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188318 Malicious code in node-sass-kastra-bellatrix-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98ed5621e5b26e16d55057f9b96d4cd29d973f3f25f1595f1a1a04ea47c9c0ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190141 Malicious code in version-aquarius-run-script-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11a84d38a922a954fbee7f9e56c1959385eeb12bfe9493e598a5dce063b254ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...