MAL-2025-186204 Malicious code in colors-gravity-cosmiconfig-zephyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ad652910bd8340554c47a71c55c251dc830c3fa3917077d4c05d03874f5442e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186083 Malicious code in chai-prompts-auth0-geckodriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad324c4ea61642de7103f9b9dd8dbcd82c0039694bf830c253f7ff3fe81db1ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188886 Malicious code in protected-reject-decrypt-bad-big (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dfcdebe8a06399cba0d551e3325ec3887aa38ca3c9716354f910f7f99bd5f24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188123 Malicious code in moon-unix-meta-process-kernel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 432d18ccf99d5d85dffa21aae798b7ec0ce7b7df8d0070f8e8d4c477f92b2037 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188966 Malicious code in pulsar-apollo-decoherence-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abf551a8a06ecd6a92721cdb0801dcf865ffc04b38a01e16d0c850dbdb17c9a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188387 Malicious code in octans-command-io-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 112b69f2e1d1d7f16bcd45f8c8495468b99b558ec30f33487b4df15845885c7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186435 Malicious code in cybernetics-concurrently-testcafe-foundation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b8f5792ee6c85cf91f477bdf5b37dca196fccc1875897cb6bdc09b40cb3c6d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189184 Malicious code in report-thread-benchmark-good-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5572aa52a9142ab052da985144ef50687e5e330598649ddbf7ffbb3ebd7b16fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185408 Malicious code in airbnb-mini-css-extract-plugin-centauri-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 827f6e45379c72e896fa2c8a42159e2ada3a7553eef28d5b9d72873afc1ac74f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189271 Malicious code in rollup-plugin-html-webpack-plugin-cordelia-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2554973e6e1d34edad7b0276e63e4eb111a0a6bf2f4ddf64775f7090d414bc24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187392 Malicious code in husky-despina-readable-oscillation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5adef6936078e914f40a91db6e76efafdf970222f3620390210150ef16c332cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186237 Malicious code in command-xo-module-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fd904aec9c3a6c08fbd9825ef68e0a13af99f7a6873004f2183b1f88c4f22d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190201 Malicious code in vuetify-thermochronology-csv-cryovolcano (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 203350dac17303b45c43bb6a8b176ec28f297d373b7b00d634187149616e7c80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187044 Malicious code in framework-bellatrix-await-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d9df861b47c98b33c486f725c68c2f4aa0a6bd786a502e39eb00f5c48648914 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190425 Malicious code in yaml-halley-astrobiology-mutation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00ec7a4f9c632c1ed7c670fd6cc00ce8d0dcddb85c0f3f3e6b834125c7fe932d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186587 Malicious code in dione-kastra-public-react-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94e45af73e65c8bb69b8936ef251a668c188721bb919947f8884f6ae981cf02f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188651 Malicious code in phenomic-gemini-adonis-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70e473e63486e2e3fb28b1c74b916ee10e38ac8e36cf418dc8213946bf8a4a0b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187899 Malicious code in magellan-bootes-resonance-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f8b4773259d5547357d870a866f9e7006b8eb86df99ec58fbc123d7da10ffd2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186580 Malicious code in development-postcss-loader-webpack-cosmicweb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdc7d279a0f29b5bca794be3e6921a4e2c28a76db57e85d79fa4f0cca9313cb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187380 Malicious code in html-webpack-plugin-wavefunction-local-ora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9b889caa4d6bb6e7f090a2532d0cdfd4fc1ca62791b86087f1d8923688f6937 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...