MAL-2025-188921 Malicious code in proxima-thermosphere-weywot-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2244dab451a96c625aa78d793fcb3ba1931ffe5080498587c46c6bbf7f5a3d62 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kernel-visualize-meta-import-transpile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9223446c8456063e02bf6a2c8259e55d37e8b0523946e7d529d719fa47b3a4c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fusion-steganography-tachyon-exobiology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16231dc3a37859ca38718acbee5374328b5cb6a2a4f63bb4577fc051dc2be239 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188166 Malicious code in nanotechnology-ariel-atlas-loopback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 726ac8d50d2a6fb517f785829fa5c9a3f25bd010388eeaa6547b9f90cdc68a42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188026 Malicious code in meteor-jupiter-jupiter-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46c15bb4dde7cb205f506deb37c235142955b3906d8918fa352ab7add70e6e9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188530 Malicious code in paleomagnetism-process-rigel-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 806c222b404c6835419bb2dc3e3292a0bfea544dc0e55b7579ef348d91329803 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185863 Malicious code in blueshift-kuiperbelt-asteroid-dendrochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6529f5366e3712b3bcecb53700bba7cdc4e0d404e2d5487dc5e3255f0093eef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sigma-try-deserialize-slow-omega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa134277639263f6619b38cf6bbfcabf6eb3a6b0fcf40df08f3f58df3e53a0ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sedna-jest-init-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25e29146ae9ff359dd96b1cd1b095636278686695d62974a2d5867e6a74edcff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188092 Malicious code in mock-parse-earth-export-hot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f34794b0828e1a200e5572cca5b219a30310bc6f4495e2634c3ddd92840c50ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriverio-rate-limiter-wormhole-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 546a55ebdbc1b18fed5bbad6be8b757cfe2c4fa0d1f046a9d5deff7b296f6332 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186661 Malicious code in dysonswarm-lacerta-unuk-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1d4ff271822892355055959d5575c07ac632f3836ddd6d8337d4c9f6915e83b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187607 Malicious code in jest-astro-despina-aurora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 569fa8ef9fdbddd1906550949c47b3b5176f9b5c58439068442b4ef54ed34221 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186144 Malicious code in child-process-eridanus-cypress-zephyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2052a0a86d5712791f1bcaf79b700a6a9e92e85eece452bd875120b46a08accc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185234 Malicious code in soniec-kat-favr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af7858c82682c285822b8bd8fea2bc14400481b3d649ff1853cbc2ed6d31befe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-181827 Malicious code in avangs-olioms-nolibamayi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac4a5e1cc8e53f27b4ee50de4c015afe45193fc5a85b89d56957b4b15eb81322 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185118 Malicious code in sonic-kuig-tnaeav (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5383e188e2740f1260f965dfba10c05fdceafaf7e1243aa2a77f0fcd33ff7eae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183151 Malicious code in item-atim-kujaubi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a515105704b364390c847f65133cacfa3f2bcf38b7bf048deb2b0932d07ad753 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-184315 Malicious code in modiov-kifni-ufavcseqinuban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 113e9ae876b6b3534e3d1de5440858be0fc9df83736c9088ff35defa30f66060 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in imugay-avig-ijimamfaatugf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1220a8a7c027ad0cd4c14a1b330e82a51c106fd14f7a69964bd22c8839e72326 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...