MAL-2025-189805 Malicious code in taphonomy-neuromorphic-cressida-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12c3f8ac8424eb2fd06c7645a3bde838a9dc858cb027eef1fa0343a1bdc4319b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189453 Malicious code in serialize-minify-decompress-mu-cron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1746b39844b7d17daa12b977f8d00dbc6391d85c4c41c6d6de6c58b2cbd8c66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187452 Malicious code in index-grid-unix-long-kappa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fd6010b07fa983c3e40a12dd19c6d425704d8d363446d1557f67e28cbcc8d3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188705 Malicious code in pino-pretty-kuiperbelt-vulcan-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d01b3bf19da8542bfc975fdfb7a80d55b99366b0702f190de1439f1a90fa5fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190009 Malicious code in try-data-signal-cloud-report (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d49def6b1332bdc84897f7c299b32c7df0ec1130260ea17e9bf6f0969738691d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186518 Malicious code in deimos-phoenix-impulse-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbbfcd766b1ca1c62a132b5ea15ea096166acfd3fa7ec76d70d8f3145d6f817a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185819 Malicious code in bioinformatics-async-wezen-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d985ecd64cacf5233b2a1054b7e2ed5ced314f675ee6e190abc588762b03b287 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190233 Malicious code in wasat-foundation-webdriverio-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efd9a86d6be17cbc44f9dae6883bbba2e3a38738aaf80a503bc35aa86bebe5a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189340 Malicious code in sandbox-kernel-web-good-static (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30a8cbaba2cc17bb7d2f755e8e246f74bf867556708a1559e09e18f4dfad5130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188934 Malicious code in public-bundle-class-iota-thread (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03445ba8a939ca18bdd9df7c6eece70c41c352ef40c472e0eb55792092510cd0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188779 Malicious code in postcss-loader-ganymede-metalsmith-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16d3d14c13f394da725b8d17c124c9aa3305c6a8dff021d59ab3c8fcc8fb610c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187135 Malicious code in gemini-dactyl-archaeogenetics-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 024021df6c02db9e21ee90ac2aa96821f37266ff503afc54cb6f404fd6724214 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185655 Malicious code in aurora-nodemon-whitedwarf-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd97281221fe89d74fd42bfb63573c9c1be04ca2dd3dff73ddf81fe566bffadf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189603 Malicious code in spectron-chromedriver-thermosphere-cosmogenic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c15b55ba7e54630255482e6868b8f640f70daca32947947e5ea8822a50d97d43 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188150 Malicious code in mutation-augmentedreality-archaeoastronomy-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d350f2ae2d91b828a2e264f7f2d54908fc2de495a298a5dc6b69b023837e517 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189812 Malicious code in tardigrade-perseus-scripts-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38cf3002a682a40e9db25a7ab21c0c0d43bc2a7a7b6565671c25154c0976ea30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188837 Malicious code in process-passport-eslint-config-speleology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73f3afed2efbe84aed1b966215535f2da5ba01a01ffc79f5b28b8e3b28fd6332 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188602 Malicious code in pegasus-pulsar-plutology-astrochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7119678a00523fb454aee015dc8349a8b07748c775b4a6d48223cfa6da03a0d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187171 Malicious code in glaciology-kinetic-paleoclimatology-helmet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e336bb8d16c009de8df8dfcdec5370d296fb90defebf9631d180d7af50f8fcc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186560 Malicious code in deploy-good-data-double-unix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9f539fb8f3d51fa364bbc575962a64190641a7845e4ad288836f916b9fe9df7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...