MAL-2025-186912 Malicious code in exoplanetology-grus-mdx-comet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ea31ec52f889b7920874ca91182d58e0b0d8d1ab58207de68d3023a074c7896 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185677 Malicious code in authorize-node-slow-stub-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f973329e078b3e9f8e2be2ad30ec9f232ae6fd7f0187ddad996be506c8c2fb93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190061 Malicious code in unuk-chalk-proxima-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0ce5d6011d2ef1905085d1a8ee431dffae5c2a7086b8c43056a28deeedef0d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187311 Malicious code in heliophysics-aurora-lint-staged-global (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3146d8b6e52b168ae00047b32f06d4bcb6748de549b64b41b2bfb73c6bd4abd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188703 Malicious code in pino-pretty-electron-palynology-bootes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b36e22f77ac97013a394fdfb27730769ada345b6bc823b6adaff00ad707efbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188581 Malicious code in passport-selenium-terser-webpack-plugin-juno (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602abed684a5ea387f7fc7198fa8757800994812e6e03ff63712b6dbbfb3e1af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189443 Malicious code in sequelize-eris-europa-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eccbd4b1bb7d5335c4aaa91ebd9e32a321a8447290883e3cbf50f61a29cb747 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190308 Malicious code in weywot-wezen-bootes-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95af838a5409ad46c803f49911e5142c4505a584392775561fc0e5b1eb266f01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185683 Malicious code in avior-backend-technocracy-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e4660f214d4b00c4b4abd3af9e79316c7f7c5a06984a4a7e9b4fde2a60140b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187389 Malicious code in hugo-wavefunction-dotenv-parse-variables-parallax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ecf14a07cd348f4aef4bf71dd063f333aee890c7b9fffa4af049cac1d997ef9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188754 Malicious code in plutology-release-it-despina-arcturus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52a749c6fc4371a3c2293723768a233f315f8ed6aed6c686b69a16951edb77c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187671 Malicious code in kastra-oberon-spectroscopy-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2e7279e1ca549eb0a3e63cb167e9feb16a51f1dedbbf158bf38ddbc2b169e23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185639 Malicious code in atlas-ophiuchus-palynology-bunyan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9199776326ba6ad1fb449283394108e2cfe8a046a1fd232be90dc0ff164706a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187559 Malicious code in jabbah-areology-archaeometry-vega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1450f46fd9e16986c07c3d8779c3e55418dc857de0953803ae76fac04be89af6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186693 Malicious code in elara-express-babel-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab76e836e3b58249794cc58f0387e341cbcb4f07e8b2c7fcde64da9830361a30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187725 Malicious code in lambda-daemon-cron-delta-link (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14fb54f754c0ebae3c47333aeee6383f8571f97acc80cc251881087f1353d280 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186424 Malicious code in css-minimizer-webpack-plugin-superagent-npm-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ec208a1d158e4c6d43500fa2e73288eb7c5b912b4a3684dfe6633d3d33ce166 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187701 Malicious code in koa-prettier-stylelint-link-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3769d4b81521e90ec08b25681b58a9566408041fe26a44b7c1d5efaf56ff4c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186015 Malicious code in cassini-pyxis-proxima-isostasy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ee145f91f029367c40892d60c12537ef872ce0c03862342747ec9269427cfb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187868 Malicious code in loop-webdriverio-vulcan-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3f9d3f3f64e3dcfb01546c14df5e1d0e289308f7238bf5fb36f487b9e92423e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...