MAL-2025-190354 Malicious code in xanthus-cosmiconfig-nightwatch-eridanus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72da61120c59c0bf43b0bcabd6f42a48b27ef2a01ff506bb7c55abd2b2b89c30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187005 Malicious code in fomalhaut-nashira-webdriverio-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a034cd14a877e2c5d7412544ed3aa5a725a051aa47414ff2e337b9637217fcd2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190105 Malicious code in ursa-eslint-config-draco-kronos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e217945f165a1f3c90399d422a9537e095a863757767e01869c147571bd5687e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185550 Malicious code in arcturus-sails-version-atlas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13d76c3c54e9f426ddd2ebcc682016032c5763ca053724a6c3a88846657649c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187817 Malicious code in lint-staged-superagent-eridanus-bionics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 066dc6b85c08093514728ad74577e54a20edffbcf7d838638c2e8ccbdc1dfd28 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186378 Malicious code in cross-env-atlas-thuban-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 123d82a3501a08158da19efd0782a7ccf3a05e357e6549c278b82303abf98bd5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187385 Malicious code in hugo-miranda-prettier-stylelint-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e2ba474c5aaf42da186212d66893866c1fbe6c58cc6ca0109aa83c82304aba0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187522 Malicious code in io-mutation-eslint-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45164c7dc6e9e0aca6bece375bafb9cf7bc338835e1beb1fcffcc5c140da59c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188085 Malicious code in miranda-stream-resolvers-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab85b6244e827370c582584b7817241e4471128dc4029387785c58842a80b641 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186880 Malicious code in eventhoriz-futurology-event-chariklo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c96777a755a8d3822d329b2a9e85b002427023d67467caa7f45bb2d7653b76d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190159 Malicious code in virgo-joviology-proxima-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65fb535baf3318b23fa0b62b4cd4c5683c8431b361755d1cb4e8290c76a46c59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187388 Malicious code in hugo-unuk-leda-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 985868da95638b1ea3c6c5b706eebe02eb66931a258774e2bb9ef2a8e2dfc480 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187769 Malicious code in levels-lacerta-entanglement-entanglement (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16642552a6d597c86591a4a1cbb8f43b1ad3684cde6618a09349b8f72810b1d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189210 Malicious code in rest-auriga-bellatrix-wezen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b86da353d85dffaff66eee00db788ffbba664110467cbb9f4b56baabf574c9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189643 Malicious code in standard-apollo-tardigrade-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40754cfd5d3acd3d0b0766de8c414360da01d745f7dd08b9ca8e853ae6750b6d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186623 Malicious code in dotenv-safe-norma-vuetify-paleomagnetism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccad51f031eaa94c4ba5ee1a9ff854e2f73daacdc4dd9892bd11978d178526b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189629 Malicious code in spinner-spectron-electron-builder-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5547969e5f5ac3725394a5c2063f7d61a9754ae52484e58a5122af9dd4a10578 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188917 Malicious code in proxima-ophiuchus-geckodriver-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5c7e0b28606987a99e1e5a3132f404b2435465dcff64ef832c045c0ce0f5423 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190085 Malicious code in upgrade-mesosphere-slides-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a91873a5b873df3fe99ee0ec6b44cc1d4008c8bc74886676ad22b1e99b5abe9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187296 Malicious code in hawkingradiation-ora-celeste-toml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16583bc4d19d123f6a7f3df0faf7b443656d981c65e219ef3ab7b8d15897c9e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...