MAL-2025-189237 Malicious code in rigel-markdown-pdf-jsonp-restart (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bff23cd8057496204d56ef6a563c25287b1811afc993a576c7b38a7606534e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190399 Malicious code in xml-proxima-rest-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a1102d2c7aae26b1696c4937b33f1603f7e0cb43277d6af00d48ae46b44ba92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187341 Malicious code in hermes-browserify-alphard-greatfilter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e30708db9226924c56d46254043ab17828ef65f1ed22ce45bc6353202adddb3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190137 Malicious code in venus-dactyl-publish-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00e0885c4752a431d7ef0c7c486161540c316f43b132e783036e81bac58c1dc9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190126 Malicious code in user-refactor-cluster-transpile-eta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f18892cb120efd30e52630d809cf1105bfccbab7aaa211fe691e458990281176 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190362 Malicious code in xenobiology-darkmatter-fermion-io (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b98aaed19411a873cd6ace71704b7552245706c937d1d0c567eacb7b6f27a492 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187011 Malicious code in forever-heka-polaris-elektra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 549cbeccda483381d702c303bbb17493a0b42b4983911a75c13b972b2178d872 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186792 Malicious code in epsilon-protected-reject-parse-benchmark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35e2002f19bc3435a3e86a887d2655568e319690d4a9b1e37aedef4be186df3c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189596 Malicious code in spawn-miranda-publish-galaxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7abecc7f7e41575adec56452069c9e78b09579af5a2bfa19b17d85134384036d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189684 Malicious code in stream-indus-dendrochronology-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcdf9efe1fac494c78e0dc753729d3c091e5206d94dfa78e6b2352c83e1ddc9c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187638 Malicious code in juno-saturnology-sass-loader-joviology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector beb54e9749d9d21998cf67910838ec70d40b9d045cee981abefd69fed26a290d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185886 Malicious code in bootes-transform-nuxtjs-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f64f3298d697d03cf370511ce9702d97278f09a984e91858e476725b20e92f56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189238 Malicious code in rigel-miranda-cache-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f24d18ebd38c79524545d193434c68697eb21e47a21abb2e7f108ae969d00566 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189680 Malicious code in stratosphere-speleology-rollup-plugin-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0070903b281cd33d856ab30b6eb2f06f5f37806f5672eae32b0dbe0e003d1158 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189047 Malicious code in quick-validate-transpile-cluster-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fee10f0bcabc32d9ac66632a283a2ba700f31cfdfd2a8f280a980368720bf754 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188174 Malicious code in native-blackhole-parcel-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a471cc517289478a545c2d4f578f4a0270138b69edff1c911bc1f622c60c9c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188147 Malicious code in multiverse-pavo-dependencies-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5bb86e4fc7d6abeeb8acfe3062856a25e160c76e9ab903a8caa83445b6660ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190240 Malicious code in water-catch-cloud-upsilon-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ee923d12f25e195265318063f9ca7aefda531762b20e5da248f7248ff39084f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186830 Malicious code in error-validate-refactor-byte-lambda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e7990422b33800950f82b858c49bc8d9140dbd49c020770a8373607ea132679 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187238 Malicious code in gridsome-slides-pipe-socketio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d3041ecadbfa1b9ee20c448a9f21b65c9463e9e394b9f82d5a14402dab7ac41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...