MAL-2025-186419 Malicious code in css-minimizer-webpack-plugin-firebase-corvus-supernova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b02a5aa11d22cf97489823152a632b2494558466c81b352b58380b9d679dd3aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185489 Malicious code in apex-electron-protractor-mini-css-extract-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 779cc6c8c43d7168deaf2cb7d9acad1a4f866432756bf35644ea6160de97ecfd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188606 Malicious code in pegasus-scripts-antd-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 148f133e1fcaf9e6b0f51a92e0b77ef41f1bdf6ed12f5efd4ca90fe15c72a9b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188244 Malicious code in neuromorphic-nextjs-phenomic-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b223674405d5baf29428d173f297342b253c408e45a652429824e52c02bf2d83 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186222 Malicious code in comet-private-crust-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 725732624ff25cbca460975f0017c52a1def485c39e5583dd9ba8475f3f98fea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186999 Malicious code in float-beta-deploy-star-meta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c28ea191cc624187c918a5e511152ef7fdd4e559f69dd061a432e823a1547cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187426 Malicious code in ignite-cosmicray-accretion-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6898aafe008e3c13932d7554f16b7c52bff08415b7ba39795af33e4b574c3c6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186422 Malicious code in css-minimizer-webpack-plugin-hugo-gemini-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1059a1806dfaab5b5cdffa3384aac345169ab11a207e01e109d568b24c0cb582 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186952 Malicious code in fermion-thermosphere-hawkingradiation-astrophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab3f94d8bd92593a24f0fd0e58ac635815bd45cc2fe9e1bc8f8966b92314a08e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185619 Malicious code in async-graviton-webdriverio-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adbeaeed465424e52a3a1c461e253d7aa23522c4d71e215bf651ce7fc5cf5a79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185756 Malicious code in baryon-sublimation-apollo-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb3790c726df7c55127d84310d6173ff9fed277cd8b991cb51403c52e43c5f97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189013 Malicious code in quantumfoam-wavefunction-lacerta-singularity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1788756a6d13118d52bb510dd8455450869ac39134b92adedd8769a84e5d2942 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187660 Malicious code in kappa-nu-daemon-async-bad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b657d373edb8e61669489b5128e98ebd488496a11d5e249541214b28a780a773 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185761 Malicious code in bash-water-resolve-unix-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aa208583cc81c4598465e3b44b85048c1d4a747fe9087200fc8eabae365d5fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188318 Malicious code in node-sass-kastra-bellatrix-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98ed5621e5b26e16d55057f9b96d4cd29d973f3f25f1595f1a1a04ea47c9c0ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190141 Malicious code in version-aquarius-run-script-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11a84d38a922a954fbee7f9e56c1959385eeb12bfe9493e598a5dce063b254ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185693 Malicious code in await-float-optimize-route-omicron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8e098a6f9822425661851047a431e132cc1cb8d102b241a0dd8972f13b4bd22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186783 Malicious code in epimetheus-loglevel-membrane-solarnebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3882f96f6ba94008491b8b2d879161bdb319ae0eee595576b6f91e29c1b50df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189217 Malicious code in rest-version-library-hadron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e3b01d06955b1393fdf87ea7bfd085c32e43a39e890b503008aefae093db6b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186950 Malicious code in fermion-graphql-dorado-lynx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 156aba819cfd2340b0c9d68893c6aed5648b24dc7c6cae940d16954a19f4108c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...