MAL-2025-187892 Malicious code in lyra-nebula-node-config-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71da1d08ee103264b969b081db8fc81219689df4fcc9605329c81bbdd888fe5d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187385 Malicious code in hugo-miranda-prettier-stylelint-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e2ba474c5aaf42da186212d66893866c1fbe6c58cc6ca0109aa83c82304aba0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187046 Malicious code in framework-release-it-fornax-non-blocking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41b7d00319abd576e303397fbe78c43c769e871f30b6725bd501a0203e38c58f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189525 Malicious code in sirius-stop-umbra-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e55a14a033b2c4791dbf3754b9d92b6fe7fba60595a0c5234a281f5b9d0c6b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186822 Malicious code in eris-writable-docusaurus-on (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 722d4d900728b73a74cce7951c7c4f7bf6d25c2474c3ebdb2614383d6b187cfe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186581 Malicious code in development-rollup-pipe-koa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5422eb14dc81f622c8c1bfc1659db7e1382b798ad0b831b1816419a6c998cd88 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188966 Malicious code in pulsar-apollo-decoherence-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abf551a8a06ecd6a92721cdb0801dcf865ffc04b38a01e16d0c850dbdb17c9a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187456 Malicious code in indus-coronalmassejection-sass-loader-virgo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0136da2a3eab2db131d20c5f0b95415457e01a996714a3b8ed1f5c147cd38b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185996 Malicious code in capella-biotechnology-meteor-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7007c2c8f13c28e4f7207166e71ebaf1dd15e71fd1b55b1f8686c74a636216bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185583 Malicious code in asthenosphere-package-eridanus-restart (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00a85676bb495d8b9d6410743d9ad84b8230bc3881bdbc72bf79b065f1db8ee0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188656 Malicious code in phenomic-metalsmith-neptune-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40a3e947e7e13e33325e88989cd6115c193af7ef059f6904daade611693e4fa9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189750 Malicious code in supercluster-neptune-juno-quantum-computing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7543532318ae7b6ac85841586a5d5d482e3cd78901b800e164aa8ddfe9c3493 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187533 Malicious code in iota-bash-bundle-delta-encrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f5937b4ff7dc4e858440a4d4659b214c5e00b7067034ed3aa76192d44a402eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189184 Malicious code in report-thread-benchmark-good-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5572aa52a9142ab052da985144ef50687e5e330598649ddbf7ffbb3ebd7b16fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190322 Malicious code in wind-char-function-resolve-enum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f350467942a4a8ea041da2a995b65503e5774b4faf4936634f965be557a5c4d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187640 Malicious code in jupiter-aether-markdown-pdf-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3047528b04a36dcb7ded333eafd8a31b11d90bc1926d32a82ccd3036dbbf7120 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187768 Malicious code in levels-jsonp-iota-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2caecf3d6a606c52503c3e1aa63ab18c9dd86c61c8bf2eeeb2ee0b7f5b2a2e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187637 Malicious code in juno-pyxis-barnard-perturbation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03ba7667bb839b545547f830a7cd64064ebb2ed6a65582c2229a5f9a02be6dcb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188499 Malicious code in paleobotany-commitlint-config-angular-ultra-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b03612e35e536ee1ee10dcdb5d77fc03f05899841dcbee643769e07617aa5f06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188171 Malicious code in nashira-dotenv-parse-variables-gulp-lynx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f07680065e1750d77fa79d213b3d258047a7ca301196ff1c2812354b0298015 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...