MAL-2025-189762 Malicious code in supernova-cosmogenic-buffer-bioinformatics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ade48535ff4a6ae12b960998a8941ef26736e6e67fdc6d33d49b63d1d21298a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188214 Malicious code in neptune-cryovolcano-dysonswarm-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55f65d6b8e5c42cddf9286d718e0a8cb42596b67738c40351857045aa7c2bf9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190380 Malicious code in xenos-nconf-aurora-redis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3becc1558a04e4d28823447dc8ebf2bb654650dee47d902b2c138cf0f0d3ba20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189700 Malicious code in string-route-theta-virtualize-deserialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f524d85f0a7b09046d1a72ea16b5cc85abad3d62c1dd280310cc3d9a4917907 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188145 Malicious code in multiverse-carina-boson-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76a771cf283fb9950e43b2ea7694717add47719ecac98d5e7cee380843483edf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187944 Malicious code in materialize-magnetar-paleontology-cosmochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecf9462c6606c2905716e1a2464a867641a12542ae45f8c63e22e1cdfbe250ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190012 Malicious code in try-signal-lambda-execute-kernel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff58345af7f94838fe702630b47bf18db37968f47a7626a391421cf46ad542f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188732 Malicious code in planckscale-webpack-json-neptunology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dac476c90bc256cd8261ff18ff844d1b911ddf79b4f68c7de94b528d89ddc48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186124 Malicious code in char-xml-xml-validate-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c76ac411c304d6c4ff3a8efeea7f9fe5ac89b92dfa39c8e52594a2d41d9b510 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188342 Malicious code in norma-quantumfoam-loglevel-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21ed2698692112dfc74b6f02911353f2237a752abc9c7550f33631d1e5f59620 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188028 Malicious code in meteor-meissa-airbnb-outercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f90614fd54ad4b93ad60971086709bbd736fc4d959596cc79df4ddb78e672937 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186252 Malicious code in commitlint-config-angular-nodejs-carpo-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aff6171864c8dd888f734cabf61ae22f26f3868044dd59eb396032310cdbcf72 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185955 Malicious code in byte-decompress-cold-deploy-wind (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ef141eff83134eb1dccf37d5ed667b1a2bb43d54e22c1432a3be0635611317e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189278 Malicious code in root-cluster-bad-final-rho (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e40f7f5e09039c8649780bc1df2004bbac256e735a86bd382908a03f1354e3a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188420 Malicious code in omicron-query-air-cold-kappa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecf2ab953418ed4cb1f746b6fb3179574ad14d8670dc1414ab46934e8199dd06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186868 Malicious code in europa-fork-andromeda-kinetic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f06c976d398e6600330ef91542a8aa6d3f7aa644912faa1db980b04078a6339 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189977 Malicious code in transpile-bundle-upsilon-decrypt-secure (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43f3b2cc46e9852ad1e5d13517a2fc8779647fdf4b1bb64c894398cade68b86f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190139 Malicious code in venus-nextjs-heka-solis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ce32a190eba19f5be21cabd7b1722d51a5f1046b2d93dd087e5957927c771cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186715 Malicious code in element-ui-nconf-oauth-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4fb80ab7cb345deae95e9acd799044d7c7a2e26647d6c158c687da329783e0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187383 Malicious code in hugo-capella-janus-nucleosynthesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c833040778b208833172be98968dc0d98c708a39a399c3fdd27d8c86303fb62 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...