MAL-2025-189100 Malicious code in redgiant-cypress-mesosphere-technosignature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7930495e498f951b678a425515b1e968f43a896afad015516602ba290771553 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186950 Malicious code in fermion-graphql-dorado-lynx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 156aba819cfd2340b0c9d68893c6aed5648b24dc7c6cae940d16954a19f4108c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190473 Malicious code in zero-daemon-small-fire-pi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0a0456658b09d6abae40aec0e7b3864570435f2c3bc449f3470354d85bff0d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186420 Malicious code in css-minimizer-webpack-plugin-framework-nextjs-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f30f366708cef8bca649ed0d2111bba2e06d274b44d3c3ffe7f6ccc876441e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187337 Malicious code in hercules-local-ceres-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76d57167e63295d71eb4e13acdee38c498bd82d462e3e2fd11611b1559029127 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190043 Malicious code in umbriel-bootstrap-polaris-comet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c7e22f661b3b8aa6ba56ea19195787c22f7e2c718cb13c4698d74adefd90d00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188598 Malicious code in pegasus-mui-dactyl-terser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a0679388624378e5407482bc78a5f6cf2643b9db492ccb69df51e7e6c4a27ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186904 Malicious code in exoplanet-izar-superposition-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886be052250c8da22409a509f63c9e24a06168838b56a8677333e16aa414e897 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190267 Malicious code in webdriver-manager-venus-coronalmassejection-spica (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97a9f79b52091ebff932b871168c288a94bf9d5c3465addfc54adbcb69c3ca52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185642 Malicious code in augmentedreality-fetch-gravity-hawkingradiation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d088457581e114c96306e6650f3f92d9e217ab0cfd12d8df0a74cae837196d98 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189394 Malicious code in secure-big-user-unix-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58302a7110a1c0f90f3bedc311dc5eeda947f3da8ac2e2e1dd37e19aa2b0347e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188126 Malicious code in morgan-planckscale-rollup-plugin-void (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4038564189cfc4df64c4d821d73f7186c042f00c151dcc46dd3e83c3e152b8cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189946 Malicious code in toml-ethology-cordelia-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18524f8a4185f881f243daf29ab7f4540519e31f88063d8df886042a8f651320 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189926 Malicious code in throw-deploy-throw-error-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b20c3c771e32c0b392b91da9e97f752eef7fbebc0e9ddce5f5add7836d33d54a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189587 Malicious code in solarnebula-testcafe-redshift-isostasy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66a15c52af2d5e39295813eaff4bd1238055cd3382c46f9dbad1c88557512906 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187128 Malicious code in geckodriver-nebula-spawn-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e0f439f3314d535195f43a58fea27de3a38211dbd7367c379d737eb31a99b2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189412 Malicious code in sedna-jest-init-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25e29146ae9ff359dd96b1cd1b095636278686695d62974a2d5867e6a74edcff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185543 Malicious code in arcturus-fornax-thuban-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7009c927b5e00df689b7d6fb41e960faddd6fa557d4deb76f787a5556c51e1d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188339 Malicious code in non-blocking-luna-axios-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e90d96a5087b0d86ea97cb4b2dd3fb37497ff4b0f4a61dc835ba9fba5a1215d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188756 Malicious code in pm2-development-postcss-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d8abe1ab361bfdc7c9bcd7a0b5a189b4e741150d6a0e1f27487db31c5615e1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...