MAL-2025-185622 Malicious code in async-iota-pavo-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c1b1f4251a47dc183f09a26f155bd0931ec87d8606fb9177ab5ad1f58112403 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187332 Malicious code in hercules-config-juno-void (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f4cd30f00323af7b524f61b17219f21295d6d27272c1dc39765553c6d27266b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189680 Malicious code in stratosphere-speleology-rollup-plugin-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0070903b281cd33d856ab30b6eb2f06f5f37806f5672eae32b0dbe0e003d1158 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190438 Malicious code in yonder-mineralogy-ablation-achernar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0650f663599df30ee3a2fc300f5a88b7bf4a1cd8203f2410bb10acf99ced98b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186607 Malicious code in dorado-hydrogeology-zooarchaeology-regulus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84cb81d2f9006de02c80f2639b15652a181f70f10b8472afa9f18e90b375cd59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187789 Malicious code in link-cold-file-mock-info (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b00633ef23678971f439a4d09b982591e85b2cf14df23a52dc20c721a6ebe3a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in upgrade-mesosphere-slides-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a91873a5b873df3fe99ee0ec6b44cc1d4008c8bc74886676ad22b1e99b5abe9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spinner-proxima-cybernetics-cosmochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7452dbccf4e36bdc41bf89259059d35e9ad079945737d08d43590057286583d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zooarchaeology-install-aether-extremophile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49c22366e1d5300faf7e5c1fe07291be7060715baefed7aae9da5cc0a995bc55 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in halley-paleoceanography-mui-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e1c18c06b50e272a459781ff344e0e72fb6cca19422c4940dd8a9f7d835cb9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dagda-geckodriver-perturbation-geodynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aa898dd9b0ecf67bf135b03027d809bf8a597128a8fb16ea32387a5fd838ff8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pegasus-hermes-greatfilter-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ee50216fdddd2b9a4492a2b16543b3394b245615cfa15ef569ae5075774044c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in extremophile-fornax-quasar-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d88a6750f997b6922c6e43621f0149719c6dd1780dcde55c9fa55d9aeb2e800 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in command-bootstrap-exoplanetology-paleontology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff1c98741dac0aaa20ffdd44166754eaab39b72cb59265ccace7177c3ad5cb09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in protractor-nightwatch-schema-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea7a915975cb4548934f89ccf75e0bc82f99378036e167a09ab41fcb1cf23afd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in orogeny-karma-babel-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5bd1ff628c7a9533aedbbedf75824f88072126471f9c3a012e94369c391516ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in husky-build-toml-troposphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00b004e07d0723764bfb0cbb6eb143a7cfbe71535a13c106188bd71e867b1013 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in publish-zooarchaeology-achernar-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 143e463af8410949bae2d25305ef0ed390c33b196c10addcaec3b1db9ef17bbe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in adonis-prettier-stylelint-ignite-magellan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52c2dee72f106188a0ff5e17a762bbdb0c03f1132107e86b7618d5761be4e285 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in elektra-supercluster-genomics-heliophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 151aa85ff2dca1946cd00a3716ecb72519fd01ae04977e10d71f8a48361320bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...