MAL-2025-186792 Malicious code in epsilon-protected-reject-parse-benchmark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35e2002f19bc3435a3e86a887d2655568e319690d4a9b1e37aedef4be186df3c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189076 Malicious code in rain-interface-java-bundle-wind (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 861caba75a2a254135ada995aca02170f3baf8a663c283e579f73bb112d4f59d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187562 Malicious code in jabbah-pegasus-umbriel-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa305b62d59cc4fef7b21f6541fc211cc89fefd1acd2aeaa45a6ccbbf4c0ef70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188266 Malicious code in nextjs-quark-supercluster-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a90d735c27e0fea07e309e14b317843ba0a808ca21036db6ca3f73fe52b2d01d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185479 Malicious code in antd-playwright-ichnology-technocracy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c68692941d88ebe215bb0d8b8ad358a855839c7d267716798d4924516a6e1de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dagda-ophiuchus-koa-solarnebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d59370b60f2bcbd1ca331ddb9e242a52c610a109777bc6254e561aad327d81e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in shell-omicron-dog-bash-simple (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9773541d5d024eb6ba320252005f48715f06580b91dc6b9da8e16df177b7266 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lithosphere-changelog-grunt-uglify-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4b28e3e1e6b068cb69bf52bc1258cb4b9e14b392caba44b8a421e3b654326c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hash-table-enum-debug-unix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92e9db4a5d7ddd918c7c0ee403554f86845cb7da929c3225fcfa88c84dd5d61a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in centaurus-perseus-remark-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ce96f56e1b53ba28c31e4d27ed1b224358022b063da73e5cf10330319508792 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in void-grus-superagent-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20a8a9fd08defaff05f5feabf694f5b971ed1904512ea95cf7ae5be645b34d64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quantum-uglify-js-acamar-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45ca996a0f37fec8bbeb92598671e30801501dc4df71a3dbf77130fec73874c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nextjs-sagitta-backend-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d30433018a5273b06b2934b8e3c126a9eacec0a1c317401dac6dd8848fadecd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in farout-colors-hologram-mini-css-extract-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71c99fa5451f2cc2dd0102d63f87d4f740d4e78005ef2ea86783a16a1d892269 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in algol-apollo-dotenv-parse-variables-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5dbf3d57217d8a8fb345de059ba274eff8da19e26b131ff5780683b2ec9c167 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in foundation-rigel-pm2-foundation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 775fd4bd5df4bff7878c3a9a5430e41c9a9cb298d7725b017a3cae2bbc74e668 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dorado-hydrogeology-zooarchaeology-regulus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84cb81d2f9006de02c80f2639b15652a181f70f10b8472afa9f18e90b375cd59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in deneb-bellatrix-eridanus-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a38d8216b83ac42258c7ec4c2300616f365c570d25ae31dceb3a0406c745a241 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xi-abstract-user-alert-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 727d75d95e94323f65152772d90e7d52b5035b21d824667592987d3bf9f9a023 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in seismology-paleomagnetism-fermiparadox-spectroscopy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3e3bb3024e3f9552f1550c868b31000a8068d42f762e56f574489f88b1ea08f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...