MAL-2025-186061 Malicious code in centaurus-farout-html-webpack-plugin-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f90a93fb08acfd5f7fa33fa6b6f7fc638d17fe538b4201be97e4fd9c7c056b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187321 Malicious code in helios-zenobia-geckodriver-rigel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e796785c3aae01a64472105d999ce152bfd6adbaf103c097cc7e9a3b257170 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186758 Malicious code in entanglement-greatfilter-void-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5c938a40aa714464f758cf9b7ffb6b9ac75e1e0bfdfb7fa0e1b292f499d3135 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188974 Malicious code in pulsar-phoebe-apex-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97e5c42f40f5c45ce556ed2565617986c5bca5b1f854d73a577665555ca50a2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185894 Malicious code in borealis-dagda-impulse-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3587d666c8d89b9662eb73f726664bc5a3cc787c88f64a73d6771d9b674c6f36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188795 Malicious code in prettier-despina-gacrux-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00fec6deb30bd5cd5a5e545dce825592415f1f20a4686a084e6cb1c5169e3902 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186407 Malicious code in csrf-callisto-hapi-nextjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3353f2b88309fec3f0a2db16bc2c7dacbf46763f6ef7ba45dc6a3742e6ec2f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186591 Malicious code in docusaurus-buffer-sequelize-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b662cd60cd555d9bacb27298d83489c90bb2da7c8889ef66f142b25ac4c91cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187547 Malicious code in iota-stub-wind-quick-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 926d033f3f79f78ed2711cf99d51fef9eae637b5fe355e222fd485b6b583a03d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190393 Malicious code in xi-moon-star-fire-await (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 362014d5ddaa5609b560cef0f3912766ea90c9f16f84a1fd7f3d1750deb77951 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187698 Malicious code in koa-callback-postcss-loader-webdriver-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da289d643aa3faecaf7175117c401810c7e8057d922808fb551774bc12f9d353 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in alpha-sun-validate-transpile-bad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a69a24a142ce4873bcb6768549f8e9f79488bd27b5b4e3ff44bf4967f0cd3fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188873 Malicious code in prompts-radiometric-passport-geoarchaeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0758b16dca5d6cced10fe96195a7c2306a87710fa84a7e5173a33d16b608468 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185958 Malicious code in byte-orchestrate-wind-water-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5065bd3afc319f23f585fde9a06d5b7b4182fd2cfbb0107f2ec1b61b89a82f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189623 Malicious code in spica-html-webpack-plugin-kronos-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82181ab2b25bcac772e3cecded34360db1572cf56e392f5f6310c0335bed342a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187107 Malicious code in ganymede-palynology-proxima-robotics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 543e63880d502f59f3d0b14c0fc789ac361fa84e5f73d03802527eb7c0a98c2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190276 Malicious code in webdriver-mocha-tectonic-leda-antimatter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96d67a3e972f3e54d0491f59445975ced9290c471b9cc66cfb1b1de3200bb902 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186077 Malicious code in chai-got-pino-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d4038eb99c7a3c61857cd8ea91f7024e5f1510152d4f3c6577ad77a0bfbd3b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186152 Malicious code in chromedriver-spica-repository-epigenetics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 644a4c64a13ccff013904a32793fb2156d58bed4a7842bf67f3e452e2a8eb050 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189357 Malicious code in sass-loader-prompts-inquirer-blaze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8510e31e6aebe1ba6798f088e0772983d71667602f005659f7f54fddb9b9facd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...