MAL-2025-189004 Malicious code in quantum-norma-canopus-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89cc616e1c86db519ac69507809139300362341a112b7750cd00848d92ec1602 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190413 Malicious code in xo-sequelize-thermochronology-resonance (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e182fb3819c16f6cc287c32a13afaf3df0329fb225a9f3c84ac6513d88660bb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190097 Malicious code in upsilon-socket-cluster-static-eta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99c4127e8b9df2359bf4f313e20808bc22f8a6248af19bb410a6350869034d86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187037 Malicious code in fornax-socketio-ganymede-boson (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbf81223eb44037f720c7f81236de5d3bf785a23ec6a4b48c754958e420b7afc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190298 Malicious code in websockets-winston-neptune-ablation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 565a47c433c4528bb7ca882f19a72714292b446d620d3c6037f544a29bda1783 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189807 Malicious code in taphonomy-phoebe-mineralogy-cladistics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6d0b38ae49da146c24c104347787c4c7f2cf17fc32dfd0d2761d705c9870097 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187836 Malicious code in local-cz-conventional-changelog-cosmos-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3e458e633b542e7ffd2b0e112aabcc898fbf435cc944028d735d657c238d16a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190331 Malicious code in winston-hadron-neptune-biomimicry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6c7c8ff3d5115b179dd8ecc42fa8cfa84c09be7c3cacaad80ec7c33d30a7ba0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189450 Malicious code in serialize-cloud-key-array-secure (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d01874bd4c7f5835f39f72b5f76baf3b4f36532a530bfe790cfd96aaa71f6870 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186644 Malicious code in duplex-airbnb-canopus-gammarayburst (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 117508a86020268cd81fdae9e80b61bddc41f161e6fbf280a81788e22e70634f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187978 Malicious code in membrane-kuiperbelt-cluster-remark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2639962a1d823072dd4a426f9f130d9902d802d078ba51a039ff515114bcb742 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185643 Malicious code in augmentedreality-frontend-cz-conventional-changelog-neptunology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f8670d124ec65024366529e678d71c9c6e75aef3c338716d5991bb1f5d1af36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186465 Malicious code in daemon-function-throw-file-dog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5a73e261a4f17a185bcca6a3ab3abc503be436cc2631043966eea2b64c29a97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189915 Malicious code in theta-daemon-moon-char-info (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2429c5994ed2876f384fed139f93e19399a8f86b62e50a60c67f7bfabdf39a0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186932 Malicious code in extremophile-fornax-quasar-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d88a6750f997b6922c6e43621f0149719c6dd1780dcde55c9fa55d9aeb2e800 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187619 Malicious code in joviology-nuxtjs-ursa-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 737dee137a220a82e1a7d331694f492c4100fecf3c4335d253e40036ec0cbef5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186916 Malicious code in exosphere-innercore-radiant-cladistics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e5570fc4e3f2f9908698e3cb9b87896af167d7a106ca45f71acae469983a197 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185948 Malicious code in bunyan-radioastronomy-interstellarmedium-outercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83cc54e68d097377490b89849ea3a8203a0b8b2af36ff8e9b2ab0361325f59df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185801 Malicious code in big-data-shell-omega-reject (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1244a9ab9c9072bd2cac6a3da7e782a4d9ed85476bd01eef9825f23de4c7478f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186602 Malicious code in dog-daemon-transpile-grid-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55edca587df4a61a434055376da40b0f9a67bbb2d201adc1b4ab8833d5c309bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...