MAL-2025-188796 Malicious code in prettier-json-publish-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3c227b49ee21c7585211e16c411530204bd43403fecd781aacd0227c4f241de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189009 Malicious code in quantumfoam-biomimicry-sedna-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34178369b768ca695f8d713f406ff7b59fd866b6f19b4cb81e6d487e44b50635 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186863 Malicious code in ethology-zephyr-dorado-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d6ada6b7366b59dc664dade1f8bc9f3d3c48b7518f8ab2b2d715a6cf873db80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in achernar-ursa-server-testcafe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0d7856e46345ac0a8d4e9a71a876092fdd5bbd9080d350dfe107e611ac8b883 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gulp-cluster-hermes-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b75be2e9a1f4408daffb548607099533dca2e521294c032121214e57670fec67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190135 Malicious code in vega-toml-hexo-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efb24c32e4d09b99287614e8f188638625c244dfd0b4f79bb5170f0788ef9b80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188837 Malicious code in process-passport-eslint-config-speleology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73f3afed2efbe84aed1b966215535f2da5ba01a01ffc79f5b28b8e3b28fd6332 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189047 Malicious code in quick-validate-transpile-cluster-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fee10f0bcabc32d9ac66632a283a2ba700f31cfdfd2a8f280a980368720bf754 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186146 Malicious code in child-process-stratigraphy-subduction-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e7c49dd3945225b658c5a51f33c18f72ccbb43fd246685797fce72947468f0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189017 Malicious code in quark-dorado-ethology-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9270626698c8706953e8ddc2fe61d99577497576cc954a81c95ae6ad4a0c625 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186792 Malicious code in epsilon-protected-reject-parse-benchmark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35e2002f19bc3435a3e86a887d2655568e319690d4a9b1e37aedef4be186df3c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189899 Malicious code in testcafe-pegasus-neptune-remark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac5221cad7cd712e89acfbcde1dd98b932035fd9b6052bfe6f8122e1b304bb29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187113 Malicious code in ganymede-style-loader-xanthus-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36a5f45d9564f44b2db677d8a064664c3950bbf58615506c9507134b1044b3ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189001 Malicious code in quantum-darkmatter-native-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df4b7d2e949c0c56d06fd440de24261c533ae34fa972d0a9fb8cd3cce716c207 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188451 Malicious code in optimize-css-assets-webpack-plugin-style-loader-bellatrix-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abc399df1baa583fe9c5b3c3d19473cebd1498ab6c0de46cdc1ef484368df6c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186368 Malicious code in cressida-indus-epimetheus-borealis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86889f7ce22f369521ce2fceeef29b4481464a118b534f7a620ce86b6d283dfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186743 Malicious code in encrypt-cloud-boolean-double-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d51d8521f0c86d79f842859e96a3e5519e5aa8368916c9b28ffdd652c6afe78e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189588 Malicious code in solis-chakra-ui-comet-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c944e50187a88c0aa55f68b8a6f137dc34aa9a7e65fc342d26e2ab27158f1c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186878 Malicious code in eventhoriz-ariel-atlas-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92528c607e087330fb36dbf06bc64f943543eede0e85245ebaa7e3c0e0699c86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188729 Malicious code in planckscale-augmentedreality-relay-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5f998a78e0845bead33d6caedda7cd51aea9b95c228d8eccca9940a5fbfef87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...