MAL-2025-185608 Malicious code in astrophysics-mesosphere-neptunology-xml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 684bd004536091223ef4c99151f120e9e68cf9d9e4b2583634be658dd965d50d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187626 Malicious code in json-miranda-karma-auth0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e21153db14daaf54497f5b3ea3e6b717421a572780efa5d938efdcb121cd30f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188880 Malicious code in prosthetics-local-canopus-uranology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3efdeea658b4d30cc033636cd337b88a3295df0119643f737b4b8fed468c07b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189514 Malicious code in sirius-darkenergy-selenium-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d8a88c1473d6d62a4e97fff41207584a1a760e37bfae59d36105075e63250f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188490 Malicious code in package-changelog-css-loader-slidev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf183518eb8813f78ae38737637f90dad98dce465ad977d4ef42935ed1a8da7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186346 Malicious code in cosmochemistry-lacerta-magnetosphere-reveal-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08d0d5db9b30a391c486f37cb6ced3a4f296a525efa9c588f34a6a3845fe226e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186262 Malicious code in compress-async-rho-boolean-assert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b47a72962d3c729d5d4253ec9d28d30df0480c577add110900f74126b32e3a6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186546 Malicious code in deneb-iota-xenos-celeste (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5941dde5e83d9b49e44d62dcbb8338de71a05426727f9aa5813f9c325464ff78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185392 Malicious code in aether-mui-postgres-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffda47166b625e26114e1aebf4cfcdf0ba36e5dc18a49ff0d9f0de1b5375abee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188638 Malicious code in perturbation-blaze-singularity-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71d94ee357e591d02062c95c64888251cbd977c18af9279759332c2d7380f162 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187642 Malicious code in jupiter-scripts-html-webpack-plugin-blitz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31eee506ff144bca2954b06b2cc81c5b33023ff8cff1b6cc66e7722a2f83da7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188388 Malicious code in octans-cybernetics-carpo-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21ccceeb81b50f8697417fb024032614df089a3bf9fcca910299ef4ed8c3a23b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187490 Malicious code in inquirer-resonance-stratosphere-zenobia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8045888615086dcf573d963c334214b9b8cb76ab93a54114cae959a94c16ed66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187699 Malicious code in koa-eslint-plugin-corvus-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9921124b23b8c3333632e1a5ad8852823bbc42e2f37bc4ab4272265763d84cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188921 Malicious code in proxima-thermosphere-weywot-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2244dab451a96c625aa78d793fcb3ba1931ffe5080498587c46c6bbf7f5a3d62 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187851 Malicious code in loglevel-meteor-mui-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ca35c471536de6395cd1a455a18886f5a26d7919adfe6f44006c4879d894dfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187139 Malicious code in gemini-hydrogeology-panspermia-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05c40c172857580cc93044c60ee5d17491d6289b26917933d9371df9d2b794e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187250 Malicious code in gulp-cluster-hermes-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b75be2e9a1f4408daffb548607099533dca2e521294c032121214e57670fec67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188796 Malicious code in prettier-json-publish-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3c227b49ee21c7585211e16c411530204bd43403fecd781aacd0227c4f241de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189009 Malicious code in quantumfoam-biomimicry-sedna-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34178369b768ca695f8d713f406ff7b59fd866b6f19b4cb81e6d487e44b50635 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...