MAL-2025-186346 Malicious code in cosmochemistry-lacerta-magnetosphere-reveal-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08d0d5db9b30a391c486f37cb6ced3a4f296a525efa9c588f34a6a3845fe226e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190411 Malicious code in xo-phylogenetics-kastra-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 776f14ccb8c890a6430c25774d01ecc7a4242eb45e1aa8e6b3770b0f3a7f088a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186491 Malicious code in data-node-sanitize-balance-optimize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acb8d9703abe39cfefbc8d1d34c0ba97b94086751ef2aac885f5688de093b8bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188529 Malicious code in paleomagnetism-playwright-blackhole-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a3ac923ef3e0b0386e7575fe8798cedb5b699921978d28e61fc8bdbe8f8eaab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187166 Malicious code in geodynamo-ursa-coronalmassejection-elara (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8f67be9f3617c167c0f4dea03f61b4726cc7c8239375a37bf6a104dd60d95e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187490 Malicious code in inquirer-resonance-stratosphere-zenobia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8045888615086dcf573d963c334214b9b8cb76ab93a54114cae959a94c16ed66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187942 Malicious code in materialize-dotenv-safe-sublimation-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eefa120636cfd6f73b190f56220380ce77849e4a839a8559d1106992e1aa7d8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188707 Malicious code in pino-pretty-prettier-sequelize-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e3bde5720db4c2110dd2e282776b87cae97883f7ed7cd03ed524b7a0c027d9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186843 Malicious code in eslint-plugin-fornax-auth-dactyl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be26c82a94b33272a9b5391a0f7fe3a8cb9d572639e42301d598f6ff497f416c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187464 Malicious code in inflation-apollo-rocket-higgs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 395b1247c5e72e553ae03620ece5fc27af309bb24287205d0b5f511c0c7a50f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185881 Malicious code in boolean-zeta-fire-omega-lambda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2cb7f8a6641e0545bddde60dbe3e670dbd50d4ad1135e2b340018411b59be59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189559 Malicious code in soap-wasat-frontend-astroinformatics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 035f9ef7998b394d382afc13f9209220a634c21114f0432767956685d56e9cf2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189567 Malicious code in socket-easy-balance-virtualize-simple (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f81d7224dd9cff3d91e76d5be9e28254ebc4cb9d6646e3dd793d3b04ca87e64f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185991 Malicious code in callisto-meissa-centaurus-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f8c63a0c53777fe89eea8eda0c1a23ede7780098a6b51851bf39db32c4c98f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188407 Malicious code in old-import-decode-table-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3318615e0691a5ff419704ab106e4bb388891cfde25ae060e932dbbe49b4332 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189262 Malicious code in rocket-package-sass-loader-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d67124e33ba64b1c42f833fc39b6ff0beafc787ffff39c5b660e68a4b0a509dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187974 Malicious code in meissa-perseus-eslint-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e806cff752234b07a544f7a82097f1f529d1e1a23d1d6276aab2245ee0cc70cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187582 Malicious code in janus-repository-acamar-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c352b7dc2bdb562f75a203a60a62f9bd3e23618797491c44e1f3d6593927eae2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188207 Malicious code in nebula-lyra-astrophysics-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87731194882f0a9904a010dc5c887ceff5fea966c6f645da196e94537a27f879 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186825 Malicious code in error-error-authorize-phi-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b340179d411fda452870d0f9f487b221dfa2c4ebd9f2f2e93457306569405e42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...