MAL-2025-188452 Malicious code in optimize-css-assets-webpack-plugin-terser-rollup-plugin-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9abf544e29423b7c4a79b3a0794c0292360330e730a5ed59e506c1cfdb40799 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189382 Malicious code in scorpius-vulcan-postcss-loader-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31aafe3c03afb0cf93ac268b63551892f5e8e9ea5895715091958bea3218dc80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186230 Malicious code in command-celeste-resonance-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3b7daa0dd48aae2de3f1cc7c64f7fa3b63d95577226dcd56b70f089c12ed9b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188149 Malicious code in multiverse-terser-webpack-plugin-vulcan-redgiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3baa1735030fec28c869f9415dedd3770acbed82aa70c4034145b69388e3ca53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187954 Malicious code in mdx-kaus-browserify-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c35c481bdc9c3cd04791a4bd2aea3c97faf1ab41752bdeaa06954b53da493801 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188542 Malicious code in palynology-semantic-release-pulsar-wormhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34206c99211389792c4d934032f76e4292094dac40215fc8bc1353575dcefef7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185673 Malicious code in authorize-float-signal-string-table (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c818eb168c17bd59b31cd9c9fd8fb24062591d2a7f46885d4ae24493b54d593 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187863 Malicious code in loop-cosmicray-repository-entanglement (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f610163d80c4d4634df39dc9eb5e1f94442dcd4e7b119bbb4aa148cef9ee272 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187325 Malicious code in helmet-pegasus-non-blocking-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14468cf08644b774f382415ed7ea9da2eca47006b532d6e5389e4ad5a9f45130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189126 Malicious code in registry-firebase-bunyan-prettier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82d9b7fc7f6514023a049e5263cfac52ab080b751f5f9d2fad7965815713cab6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186642 Malicious code in draco-quasarjet-envconfig-technocracy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e035ec30a3e6a4899aece76133701fceaa81f84eb4de4b1f3e1a6500c33e84ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189514 Malicious code in sirius-darkenergy-selenium-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d8a88c1473d6d62a4e97fff41207584a1a760e37bfae59d36105075e63250f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190371 Malicious code in xenon-ganymede-got-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd3cdb5311de65ffd938d7edee63411d617e2a115eb667ee052b558090a5c0de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185366 Malicious code in abstract-hash-key-report-load (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af67a09c9ac8b1f5a97cb010cec5f8683ef9b54771520fa4630f0ba372d1ba86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185618 Malicious code in async-eta-try-balance-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d16ce88a7db07011ebd02f6deb6abe9ec27e30f28d503c3580ab35c829a94c70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188668 Malicious code in phoebe-borealis-vuepress-coronalmassejection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deaa586f7a513b8036116d867f85c2889429e1affc2ab69c5e417d09987ff2ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189694 Malicious code in string-crust-exoplanet-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607e2f5aeee990d1d2e3b76b3468cde2ee84ab17224b598c35f9804f65bcc526 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187676 Malicious code in kernel-encode-benchmark-interface-virtualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76380f75d8ba6f59ab05dc5b0107949199b7af150de9616738aa35c5715dc30a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190442 Malicious code in yonder-webdriverio-lynx-blackhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfbb715d4acf64ade15a47fd3c5a01c86a6a1ba2777dc7bb8b003d084a247a51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186024 Malicious code in castor-magellan-halley-equinox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f91c2d58b576b6b398598b006ff7330ccf27b074f3ba12ea2377ed20fee56b1f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...