MAL-2025-189076 Malicious code in rain-interface-java-bundle-wind (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 861caba75a2a254135ada995aca02170f3baf8a663c283e579f73bb112d4f59d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187806 Malicious code in lint-janus-juno-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09c4d24d6c0937c0a916af5b388852eb2c5e7fb318480dba1e23ab03c3047296 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189757 Malicious code in superflare-tectonophysics-less-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb1b8da8dc9f41bfa1ba5e27052994c79ef7554a21aa878b14d2a0e3e5b19562 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185695 Malicious code in await-jwt-vuetify-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd21812b96907664c208aee1e22aaf7d46e2eaf9437d6f4a0c8a6f0731f689fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185699 Malicious code in await-rate-limiter-ophiuchus-chai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1583797f17b8931350761f69b3d6a8224213ed0a89d3bfece1cf00b321283672 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189169 Malicious code in remark-barnard-commitlint-loop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78fbc8f80c4eaa1b4e6c6d18faaabd90528b2cd1b8a5e7b7f6333164c23b83cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185750 Malicious code in barnard-soap-gravitationalwave-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99fb6bb311abe39715f83590bf71d33b3e1f29c30ebcd134a8d514362a9b9313 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188763 Malicious code in polaris-juno-taphonomy-membrane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57aadb0c6fc2fa048e9640b5186c58a3bf3c7e138f166b104d24916c8d7d6286 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189782 Malicious code in supervisor-slides-orbit-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89f9dbd94f494a24ef57e9ec19ecdf8c357feea71319d53b704f455240c03183 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189640 Malicious code in stack-compress-nu-zeta-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 175e67631711d41d02520521df6190627ee39430a578d67183c97e9628a7568b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188264 Malicious code in nextjs-html-webpack-plugin-express-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3221eb423eac0b572d326e1984f49231a18c9d5791b59c0f4a62fa33add06e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190466 Malicious code in zephyr-local-hexo-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af8cbc43bd2e8f930b64bd3a7bef8e5d6d3354d3de596f4ba9862789de5ea934 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188717 Malicious code in pipe-cz-conventional-changelog-meissa-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f76581a30ce1561ccc8aff0c4f6f3ecc981e5d814d26ad12af5b54f32937a161 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186564 Malicious code in deserialize-load-byte-delta-optimize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b74be2ad25d38b0d959d55db1f801401e5e21d44237d75376a71ba1bed0d94b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188047 Malicious code in mini-css-extract-plugin-meissa-chai-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f10f238dac0f01e63a9ce7a8c017e5600af3dee37d61959eac17ea52e027d019 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189599 Malicious code in spawn-rigel-petrology-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ceb3e16eff53632f7d133fa2fc43a037654145b89bf2a95cafcf672760818e57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186700 Malicious code in electron-builder-lint-typeorm-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7e5beb67118d8fdaa1e144cb2556d1c7eb507b684f06c0a99770132a862715b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188668 Malicious code in phoebe-borealis-vuepress-coronalmassejection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deaa586f7a513b8036116d867f85c2889429e1affc2ab69c5e417d09987ff2ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185742 Malicious code in balance-char-byte-final-big (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 817e865ae1c8a984187cb4dbd722f2a15ab88822dc1ff846b8b0644a317fdc6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sequelize-ophiuchus-parcel-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f3fa16271461dc63fcaae96ca9ec7cfde5867ab6ac8758b77839076758c41ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...