MAL-2025-189774 Malicious code in superposition-nucleosynthesis-mui-rigel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 063fcb24a40b89768bf94bc97149458417097f11c41885bc62e4b401f180fc52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188125 Malicious code in morgan-meteor-loop-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70f8ff4fac46120d5c038ff72708bfc1e04ff3b4a1d0997b5a208cd5adfdcf26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185371 Malicious code in acamar-comet-flare-robotics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df4fa443fc219b32a649b7258c7128b38d90c7010b81b9625f2459c8b43d2a4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186580 Malicious code in development-postcss-loader-webpack-cosmicweb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdc7d279a0f29b5bca794be3e6921a4e2c28a76db57e85d79fa4f0cca9313cb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187633 Malicious code in juno-eleventy-prettier-stylelint-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6a310c6f44311b90b0c366863dc1251a35c2ec6b74bb4561c289bc7facabed6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187858 Malicious code in long-module-report-abstract-alpha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c75fc5f13dfae551ff47efab8b84afe20fe478cb03f51553888aa3114d28fc5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188467 Malicious code in orbit-luna-indus-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ed9d865a656c770e023fe92f67cb64974da1cbe3fb0141834bfffd8c86df97b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in capella-tethys-lynx-antimatter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3bd723d35218da7f1893c877e9a4ed4feb0ca1f191e3971ab7cc91e3f7fe418 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in run-script-koa-json-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddacb19a7b3e97bf03064774e12705d50f27af3a4fa50bfc8148937c7bbe0782 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189697 Malicious code in string-eslint-antd-cosmology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c09b41ae985cda899d985058606ef63413008d232b4ee9a9dcdea6bedafeaac8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189183 Malicious code in report-serialize-rho-public-file (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62de5b36b23d92c1a388e80fe1d3dc55ee676535110f4175eb6a428aea0d3191 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186902 Malicious code in exoplanet-boson-readable-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2512ae5cd9511f06a762c8a07b26c5fba37ef49c4de4cafe77cec8408fe52ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187672 Malicious code in kastra-perseus-comet-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba13e6972332291be48505d01dfa79462dbb30b76789d9acd10da211473f2447 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188540 Malicious code in palynology-cybernetics-schema-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54cb449bb955da5853cbd3c10edec33c18b47b924c86c52bd0f4d8d627cbc741 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186774 Malicious code in envconfig-passport-charon-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82a913dba1da1b938c98f9b6be2e6a3d983d34324af40a2987f86fdc7232dc2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189159 Malicious code in relay-xanadu-playwright-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f5b343566d9c2b440cb6c55468fbad158ae781470ddb8529d7f26d72f7a9e78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supercluster-command-betelgeuse-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75c4312f9a8f4944f7302c2d84d8f462d661b5c52a2451094345926045d0e847 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-javascript-process-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 192f71261f706f28676541bb8ebc25a651c6bcd39f95de4ed5e6634af129bbed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188328 Malicious code in nodejs-radioastronomy-tailwindcss-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f55993d0565f8d92a812004ecc5cbd614a5e9d4d25497d89d5a0002bd114cc88 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in resolvers-superflare-chalk-ini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3250e8c09895d4ddc264575292a76402b578ae6c4695e8628f61bee0932024b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...