MAL-2025-189183 Malicious code in report-serialize-rho-public-file (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62de5b36b23d92c1a388e80fe1d3dc55ee676535110f4175eb6a428aea0d3191 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188887 Malicious code in protected-table-sanitize-secure-void (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4e338052063daafd3f8c42a15cf174fb25f63b00be8905065df5cdac248357a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185873 Malicious code in book-good-old-sun-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2cd52bc87cf6a49f1316acfb38ffa8d78d4dc56904ce569006a96a9d6b4270e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187459 Malicious code in indus-neptune-typeorm-io (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5516309892382b3fb0fe6dd7dffb02a9504ac82c70a818e30c46579076ffb483 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187306 Malicious code in heka-mdx-kaus-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 272c8eefdcedd52dab7dc0dd7eef12e6f770658cedcd0d14ba9ec787e9ad9cb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190347 Malicious code in writable-lint-helmet-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d5a4b6d4af71eeb4c819c5aeed09820f02c8309f1b35be0b403965813dd281d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187024 Malicious code in fork-webpack-kastra-chai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faa08ae10f43fded7688f06c4437636a450b0f4c86bfd008f64545bbd3f8d558 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185359 Malicious code in abiogenesis-terraforming-sublimation-supercluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5e9b8b0a5a3c2d8563cc099f89975f33456ba63261a9ab3282fe27fe723269c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190131 Malicious code in vega-cypress-miranda-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43dd448ae4158d3d2faceada3991d666141cdc96317313f34e86b4d6773a6daa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190322 Malicious code in wind-char-function-resolve-enum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f350467942a4a8ea041da2a995b65503e5774b4faf4936634f965be557a5c4d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188548 Malicious code in panspermia-panspermia-polaris-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da4da720d53d91d807cfb302f7df64cc24a1fa42e45d91bdce582ec6c59bcdf8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189053 Malicious code in radiant-cross-env-neutrino-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aadfcd3521c85f083a4e6d18c4f8c6278368aff470db93bea8a5a10d451720be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186744 Malicious code in encrypt-link-alert-grep-moon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e237a747a38d097627400db5dc22011d345ce71138e2e54d60ee04ba6a1a43d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189375 Malicious code in schema-terser-prompts-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 029583d6bd02442384a67da12922a4a0daaac8b98c374339699e8fe7e844adcd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188240 Malicious code in nestjs-luna-meteor-despina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5dc02951e53ebfa9301168eba0b7c56d46b25e61f53253199174afa594b15df8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188249 Malicious code in neutronstar-gravity-aether-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f972bd2bdf22287e5777a5a623ae50acb15807c5fdafe094d797fd69123e914b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187388 Malicious code in hugo-unuk-leda-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 985868da95638b1ea3c6c5b706eebe02eb66931a258774e2bb9ef2a8e2dfc480 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185765 Malicious code in bellatrix-child-process-playwright-geodynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2930943f9773ed3a8e0e8da3151f56613a8f80e333398f6cd40f7d89ac3f9b05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187456 Malicious code in indus-coronalmassejection-sass-loader-virgo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0136da2a3eab2db131d20c5f0b95415457e01a996714a3b8ed1f5c147cd38b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187858 Malicious code in long-module-report-abstract-alpha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c75fc5f13dfae551ff47efab8b84afe20fe478cb03f51553888aa3114d28fc5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...