MAL-2025-186208 Malicious code in colors-rigel-bellatrix-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c137eaed40b31b6152069e498b6ba1512a5e4a72eca57a6d5eaed47da47afb55 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188073 Malicious code in miranda-genomics-uninstall-virgo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfeacda2b376daee22f78d9a59bb58433ef352a72d825d0910791a5051064406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185366 Malicious code in abstract-hash-key-report-load (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af67a09c9ac8b1f5a97cb010cec5f8683ef9b54771520fa4630f0ba372d1ba86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189800 Malicious code in tachyon-string-version-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0fdfc74478a9afbba79d8616c10a0a83eb890f0f6898259eec91b20c796be2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188801 Malicious code in prettier-plugin-markdown-aquarius-colors-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93e02a281f78f15c659fc2bc0017a1f4fc72c6e3519a06df0c8b38338db6ed47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185744 Malicious code in balance-dog-throw-balance-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8e2cf175dfcb256e4e04e8d82f344e971002226d736740c3e3050cf4aef44a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185850 Malicious code in blazar-quark-publish-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6051df5e76609f10fbecf1f58e20ad09d8098ec4fed4723d9a81bca13555b27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188341 Malicious code in norma-public-grus-supercluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d707947704d8dc980f2972ded93615029de1eb73f432f2ddb7854bc91653c4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188239 Malicious code in nestjs-equinox-fomalhaut-mutation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54c0cb4105562e09ca2de2cdc72d2a0eeab9560bb0757df8a660d78b0f9c5759 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185661 Malicious code in auth-pm2-xo-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60541e6f176099b0b6014c32803b87028642aab5dbdef63c049df0f8c28d8ca1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186282 Malicious code in configstore-centaurus-writable-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b4d2836adf3fb394b565c00ce08f4b87b9bb6ed7d0f8a9228fcd46d24a9735d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188798 Malicious code in prettier-meteor-mineralogy-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7db2695a262bc6e69c6034c20bc2c7d9eff61f2b332c8b08bb2467def0f247e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188826 Malicious code in private-easy-string-decrypt-meta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ae8f5ebf1c13bf1a1e8aa5ca2740eee87baa6e70ae9e6675a45d077559c16a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185973 Malicious code in callback-dynamo-lacerta-chakra-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6d300878b315b706f8527cf43747b70cde297845c6d57fd85b3a93e8b1d283a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187760 Malicious code in less-mineralogy-airbnb-tardigrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1e150649f9701fa8a91531cb8cfe5a7a8a65c99dfd46ea28f5561aad1fc5b44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187475 Malicious code in init-enceladus-quark-terraforming (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d29ae2356859bcc4b9a2c4aaa80833cc872c02d453215111497fe3fce96496f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189074 Malicious code in radiometric-vega-element-ui-oortcloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1260fed5837dd3c43bd4ecea72add038d82fbcf75ec543f03ca004f630806fc5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189999 Malicious code in triton-perseus-paleobotany-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a50047252fce66e072640cd3c4b7303162f58edd8f8ab3107fdfa9cd848674d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190406 Malicious code in xo-indus-procyon-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 127166ed7ac52806beb38f75aa00eb00ab30d661f9b3ff074fdf4d093831f339 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186919 Malicious code in exosphere-troposphere-grus-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a938b8d5f2c06771aa4f407892665e96dfd1f65f2a61835af1bc190e090aac6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...