MAL-2025-185532 Malicious code in archaeometry-airbnb-mira-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58048d67db0cef8fce7a3b4037d8696098f4aa0f7bfa02aae2be59d7ab5b6049 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightmare-start-meteor-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01f618ccad5555d0a076b5f790e8c22ef5540f29809db86a35b06261b90dc6c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in blazar-quark-publish-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6051df5e76609f10fbecf1f58e20ad09d8098ec4fed4723d9a81bca13555b27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in soap-membrane-thermosphere-eridanus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 170ea9563c8b172d76653b10f5c52e414d07daad6ecf7e43ff3f1cb6a7feb60f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188341 Malicious code in norma-public-grus-supercluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d707947704d8dc980f2972ded93615029de1eb73f432f2ddb7854bc91653c4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188934 Malicious code in public-bundle-class-iota-thread (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03445ba8a939ca18bdd9df7c6eece70c41c352ef40c472e0eb55792092510cd0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185822 Malicious code in bioinformatics-proxima-uglify-js-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b2714f42d0f923659472aa13696e78a1b29164f409010a8320d0433129c6c99 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185742 Malicious code in balance-char-byte-final-big (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 817e865ae1c8a984187cb4dbd722f2a15ab88822dc1ff846b8b0644a317fdc6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186002 Malicious code in capella-yaml-innercore-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 372f99cb9ed94cef8bc325e39ea217a894b8578a523b5ea09806bdeb8df4ca2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188881 Malicious code in prosthetics-outercore-javascript-taphonomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c931a82fa3afff46bc1fe441ae31982dca93b3671d9adfa8e375f3fe42ef6c9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188275 Malicious code in nightmare-mesosphere-iota-dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2277b8efd1d670698357ef4928cfdeebcbaf96d247814a668af92fe7f157f8e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188025 Malicious code in meteor-hadron-hermes-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 406ee3b851ee1ae01cae0c7e1ae0e6a83e9ce50744299402f3c59a7ed7950003 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189050 Malicious code in quito-fornax-dynamo-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9e424c895ae2c5174fb36eb355139f09e3b04dedf5ca047eeea84746b5602e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189812 Malicious code in tardigrade-perseus-scripts-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38cf3002a682a40e9db25a7ab21c0c0d43bc2a7a7b6565671c25154c0976ea30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187791 Malicious code in link-emulate-double-table-book (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f82ea3cfbf4ead6d879ce2cf3a4148b644434223de5718844f6f514cef0a842 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186476 Malicious code in dagda-technocracy-commitlint-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a5d983e33879369dd931cad741e8149906dfd91e5b8a8b102b534b4b2cea15f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185750 Malicious code in barnard-soap-gravitationalwave-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99fb6bb311abe39715f83590bf71d33b3e1f29c30ebcd134a8d514362a9b9313 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186986 Malicious code in finally-validate-spy-transpile-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9042f0ca03575eae11d95191fb56e4a493c9d9cc6f78b44ff5664df90a5eae0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190009 Malicious code in try-data-signal-cloud-report (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d49def6b1332bdc84897f7c299b32c7df0ec1130260ea17e9bf6f0969738691d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189603 Malicious code in spectron-chromedriver-thermosphere-cosmogenic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c15b55ba7e54630255482e6868b8f640f70daca32947947e5ea8822a50d97d43 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...