MAL-2025-187038 Malicious code in fornax-transport-webdriver-manager-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 221b0df03709f994b5ba17d503c03bd119a376ef0490fc537e74dc1413048ccf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188658 Malicious code in phenomic-prettier-stylelint-development-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98e01e9e7bd3ca58db60522d781d1eb1d5bbd8fc4776327cf8da1a38e112b2cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189153 Malicious code in relay-development-update-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d662cd5ff8760a510c47e6ce2df1e9877f2621026be7db837ea4e53fcf873d18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186562 Malicious code in deserialize-book-cloud-awk-finally (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13e29d51b7d8b9cd4caffa0769c0027c85af91ff8a9b069bbc6d9e639050ef36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186346 Malicious code in cosmochemistry-lacerta-magnetosphere-reveal-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08d0d5db9b30a391c486f37cb6ced3a4f296a525efa9c588f34a6a3845fe226e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187578 Malicious code in janus-proxima-commitizen-auriga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24a6bc4d9a93910a9abfe155b6db4918073a892f906dfc978e9495bad17d4f84 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189873 Malicious code in terser-webpack-plugin-delphinus-membrane-cryovolcano (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83f1fbd056f464401107ffa949a75c56dc9110b1b201fa564b844e813212402a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185519 Malicious code in archaeoastronomy-blaze-panspermia-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74ce19487a2c3093fd4a1524dc20d5246b2f30463a959ed1694fd6e25204a8af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187603 Malicious code in jekyll-nightmare-juno-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 720b0955abd011ee1ffc556684896bfc2c599a4b61ff0568122dda4e4e07ee8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187763 Malicious code in less-radiometric-hydra-xml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abc59368ee0d7cd8aeb4f95689e120819ddbfff2c7c82266ca7fb17267e694aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186747 Malicious code in enif-axios-schema-biotechnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1aa20538098eb6552d01fad1a88faa22ff2b7e24c3c19f05a7101d9ebbf5dda This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186032 Malicious code in cat-minify-cold-reject-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32c65a38066677839d90818b4977e99e296362c59be875c64b11287406021b94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186598 Malicious code in docusaurus-thermosphere-aquarius-rehype (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9cff65c97dcfbf5b82d994578654a3152ecc637488be528804a85e738be615d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189694 Malicious code in string-crust-exoplanet-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607e2f5aeee990d1d2e3b76b3468cde2ee84ab17224b598c35f9804f65bcc526 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185476 Malicious code in antares-terser-regulus-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74c661c89405ec93ba721141d9f8248bb6122224fa99b0f559847f0fed24d07a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190406 Malicious code in xo-indus-procyon-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 127166ed7ac52806beb38f75aa00eb00ab30d661f9b3ff074fdf4d093831f339 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188327 Malicious code in nodejs-oberon-ignite-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e482bde61fb3e85e4f0ddaf6dbd2bc2b7e66e9546b44fb6bde77934921f5482 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188073 Malicious code in miranda-genomics-uninstall-virgo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfeacda2b376daee22f78d9a59bb58433ef352a72d825d0910791a5051064406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188153 Malicious code in mutation-dotenv-leda-crust (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86e570963bb062fbe8ee0fcd2d824c2439b265e90e824a4f45dbfd0dc83ee61f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188805 Malicious code in prettier-plugin-markdown-lint-jest-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4732bbd796f8b60aa6eaaab2fad1af9c69bb1acc6c805e0ccc202d281754d20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...