MAL-2025-186950 Malicious code in fermion-graphql-dorado-lynx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 156aba819cfd2340b0c9d68893c6aed5648b24dc7c6cae940d16954a19f4108c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188447 Malicious code in ophiuchus-yonder-magellan-remark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c09c161d13a9317bce131ea8b042245be5a5099a41b500fb7888eaf18d11e708 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185473 Malicious code in antares-procyon-xenon-solis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7abddecc25f1220eeceabb1fe7418b88ec3fc540c529cd4130cf53050d96271a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187937 Malicious code in markdown-relay-optimize-css-assets-webpack-plugin-neutrino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 814d9c5cb9e62fb3014607e0cc8e6b132834d0f216d57d6a055d9aba26c110d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188550 Malicious code in panspermia-winston-phoebe-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f7b7300da63723696da5bb34487f2b3691c2b412646c248b4e7c69a0645b7cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185828 Malicious code in biosignature-enif-element-ui-biohacking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4715241285965588427f15c1ffe35a84f94a2a86f96acc208d839b45622dc284 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188756 Malicious code in pm2-development-postcss-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d8abe1ab361bfdc7c9bcd7a0b5a189b4e741150d6a0e1f27487db31c5615e1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187534 Malicious code in iota-betelgeuse-rest-sass-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd0e703cad5e264ff6cd15d8e11e8c48ee2bca0d47dc24231d6c328716e26e2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186371 Malicious code in cressida-vortex-lint-staged-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d541b72f12f4ff134a895458ff7ace3372090c5a8033ba0c1df81b2f95297a48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189942 Malicious code in titan-soap-request-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4475336a5a70cb1e641daf750eece75d4e129c72b58ce76a12e6f8b504a07c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190488 Malicious code in zooarchaeology-mocha-markdown-neptunology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34f7d5b9e7d646335b98b3484b258cbd866c1a4bebb4a13bd382f0b097d0be63 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186462 Malicious code in dactyl-transform-nightwatch-petrology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6daac7520c355f3e9987d2acb56170e40385b4c9e7bd696c70bd2584a925b30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188759 Malicious code in polaris-asteroid-oscillation-australis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b7a8b10557d3b8ac062dec69414470183d5bbe9cf999cfecb684e5dbac74a09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189081 Malicious code in rate-limiter-callback-nebula-electron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53651fac56158fb1f188c86d46208153a283a6a4bc8f891f849d0f667396b922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187276 Malicious code in hapi-orogeny-tardigrade-rate-limiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87cca49ed0443fcba435da5ad6b7b18a4587c6827a86961106867224991472ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189249 Malicious code in rimraf-webdriver-manager-impulse-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5fefd7243462f1f8ccba07dd065e1afd7207e0a92494699f6c4e5e02d331673 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188403 Malicious code in odin-toml-element-ui-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5661962d1fadc577d8482aca57631a8e89fd2662290ed31824e2467b2c2a2ba1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186420 Malicious code in css-minimizer-webpack-plugin-framework-nextjs-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f30f366708cef8bca649ed0d2111bba2e06d274b44d3c3ffe7f6ccc876441e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188335 Malicious code in nodemon-meissa-outercore-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba2e23c45539583f659e07b8c25c6f64355c7809af168ed58fe5b4b1e9e94297 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185952 Malicious code in bunyan-spectron-webdriver-less-magellan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea996c13b6b5a184710be958777615f73170e5e8f3a5e8fb00260064a7d769c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...