MAL-2025-187189 Malicious code in good-bundle-scale-grid-load (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecb5f25a8c7a4ab999302de7e1d4276c98a195b7ab0c46c098583f229a388426 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187582 Malicious code in janus-repository-acamar-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c352b7dc2bdb562f75a203a60a62f9bd3e23618797491c44e1f3d6593927eae2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188717 Malicious code in pipe-cz-conventional-changelog-meissa-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f76581a30ce1561ccc8aff0c4f6f3ecc981e5d814d26ad12af5b54f32937a161 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187791 Malicious code in link-emulate-double-table-book (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f82ea3cfbf4ead6d879ce2cf3a4148b644434223de5718844f6f514cef0a842 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187245 Malicious code in grus-pipe-websockets-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e908ab5a9f1588062bc9ccd9e3447dc656308f6a5f76ad9232116d8165cebad8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186537 Malicious code in dendrochronology-colors-cosmos-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5c58b497bfa810639e7f04a95d1dfdce0066084759d6a3d71419afa81f4dd6c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189944 Malicious code in toml-apollo-materialize-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e9f49e2bebc95df8cd832e85e4c59762a5d447566c87737a0b06568fcf2cbd6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188796 Malicious code in prettier-json-publish-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3c227b49ee21c7585211e16c411530204bd43403fecd781aacd0227c4f241de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188173 Malicious code in nashira-winston-aurora-gatsby (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9af5c52e6cf6987260607279112d0d054adf72f69bd5cad9cc62fec8cf109c67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187065 Malicious code in fusion-inflation-dactyl-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector afd7df62b134bcc7afb6138cd72c0148fe9828de23d7012fa0e5c0c2047e9063 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189050 Malicious code in quito-fornax-dynamo-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9e424c895ae2c5174fb36eb355139f09e3b04dedf5ca047eeea84746b5602e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188654 Malicious code in phenomic-loopback-rigel-mechatronics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd2c60808f9819379866cda6ffe21efd73b974a445126a3dbefeaf8be4e60424 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186079 Malicious code in chai-javascript-pulsar-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e42433738cc5a2accb6a2b35a72082ee4ac69aa8f58a357c9658e5819a94fc6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185652 Malicious code in auriga-uglify-js-repository-thuban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ab98d3b4f9ec84b7cd785d48f45aea4d87df73373b865bf1f960aff6759d0fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189262 Malicious code in rocket-package-sass-loader-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d67124e33ba64b1c42f833fc39b6ff0beafc787ffff39c5b660e68a4b0a509dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187860 Malicious code in long-nu-new-nu-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f181626cd1e58ae54d5a7e6958edad8e897a4a8cef1412d594b4d7f983ba163 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188955 Malicious code in publish-prettier-stylelint-seismology-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43052a28656f175ae88ca3541de9f3932eec1054bee702e2ee6c71eec895aa73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188181 Malicious code in native-izar-hugo-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e143261e25d85f5930587a8ae6cd5283fdeb5dc27f73d7259d447f36fe131f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186137 Malicious code in chi-mu-socket-cold-small (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0c962890667949b1dda36ebe56787555eacad6d8b589542c2a0f944f45c3d10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190042 Malicious code in umbriel-ariel-rigel-metalsmith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5c72945619dda01a368dfe59be292a5a07f66cf7ed86d55dc924a54ff02d902 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...