MAL-2025-189174 Malicious code in remark-exosphere-cosmicsilence-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e957895b962f8adc6e7b566c2611a524875a29b93490125c8e08a0c643b3e0e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188502 Malicious code in paleobotany-perseus-draco-mensa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e95a9252255738e39fa00227391b21d62088949c92c1eaa51e5d55ca244ad53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186459 Malicious code in cz-conventional-changelog-webdriver-mocha-lepton-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7deb0c94ebbbbdb091059c3ba19584ab4654ae5392ebc9f3b89e7bb345c09a18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185599 Malicious code in astroinformatics-accretion-dysonswarm-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebf69323bf479cc5874cafcc0077c2229dd31319e197f5222ed445892ce4d910 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186029 Malicious code in cat-compile-analyze-deploy-cloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9514ab2e174c3c41eef9112756070b30355f2acf2e0db624c254b0fbd779b0d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geomorphology-astrochemistry-alphard-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 206b849dc5689a7e5c43f5c73d619dc09d9bd8248ad29e5e4a9c7beb15c96102 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in registry-local-biotechnology-sagitta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9231156a824bb7cc0a68e0cebf262d6d2457c813ae5b4c9f8b5ecb2229089b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186234 Malicious code in command-prettier-stylelint-server-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec6af256150fbf835417b18723113d89bd3ad42360b216fcf8333ad5760ffcfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187445 Malicious code in impulse-holography-grunt-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9c28c8183009a08a11188523afcf95bf4a90b317d6e72e29db3fb3800beef2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186964 Malicious code in figures-duplex-magnetar-await (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eae1d7027882b6a70265a27433bb8857139add8539583e992546d667debca8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187991 Malicious code in mesosphere-kinetic-ignite-tectonic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20b5b6d11a7de70ebf25c858d96c58eb3b08a382c9a7864827f96f9a791eed7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190154 Malicious code in virgo-arcturus-hydra-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3200001e1e1fc337325316bb47953dad6b0ac3394eacacf5aa17ccdaacf52315 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187217 Malicious code in gravity-start-triton-oauth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05dc11358c2821d460c58ed1e3be419761bd92b3c1d007e566b84d52e38f4132 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in big-monitor-moon-iota-warn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 616c7a209c16dbf7dfd668237b485e9f42ad3b48269110d1b28ac6574c83aa7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in archaeometry-impulse-galaxy-dysonswarm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95a771881cabddee40de70b816e41a9e98fab7a207bc97d1bf8ebfd9b215ea40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in brane-mocha-elektra-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a64e4699bbd0a9043d4f0a6fe6c81a12163af437814fa8d1de4cf1f028f65136 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zenobia-zephyr-dactyl-planetology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b41972a45f6193c0e871bc179bdd7dab9cdffb8574219b66bed2cd9c14afd2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quark-charon-hercules-lepton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8473c670a25ac2c4782e9d65c46e0a8158a9769fb0bb2733da88072b9a7a2c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-manager-neptunology-oscillation-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c818da0d4724a5056bdb4220b90d6078bd9764e0642c6f267bb98ecdcc268fd4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rocket-planetology-mira-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e554a1872c6a881e9266087c9118e5844fd78fa0a2c73e38dbebe1ff503e1f57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...