MAL-2025-186441 Malicious code in cygnus-got-nconf-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf4cc3cb622a13b0cbc50c9a597f40074fffcb794cc7735f6e63a0046d3db721 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187825 Malicious code in lithosphere-pegasus-jest-paleoecology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fac9378ba65444786e230b66d8117785b3cbf66c7c6c667007647fd65d49e95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186648 Malicious code in duplex-parcel-nodejs-membrane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa06346c89852e6b9c279cbd0b49045bb71d5ff9157585fa04bc9c20fbbf44d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189229 Malicious code in rho-alpha-phi-cluster-water (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6e7a4ef57dd54f76ac6aa11467b48f4f5cc687a1a46e1934d0b1dff8c2cf4f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190149 Malicious code in view-object-promise-xi-table (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e9385f29155a61233a2bd59a79bcffabf2586fec1e93be8a46e069aa0cbcad4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186779 Malicious code in epigenetics-graphql-tailwindcss-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bd945513f752e172da155108dae68cb71e0aa8ee82dbc96af971f7560437f08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188080 Malicious code in miranda-native-cross-env-oauth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c98691086a9cd5b5817eb65f3e3379f8ecc8cd6c0265c8261ec01e76d2f7d4a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187391 Malicious code in husky-bulma-nebula-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 029de86705f76c06a577e00966fac5cdab3d36021be7d50cec1844bd03f7b785 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185746 Malicious code in balance-quick-throw-bash-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0add969aba29a3927363cccce51320086be073ea29a996c0087d9ab4119c23d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186098 Malicious code in chalk-mui-neptune-cosmos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 136b3090f7d6b067b36297ef6ebb55a84557fb83a4e61d63cd6cefe4a117bd14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187982 Malicious code in mensa-spectron-webdriver-prettier-stylelint-zenobia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c01f67010d3ce6356b532d86ad6e498d18ab64a061856b395c3e02a92872fe6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187124 Malicious code in gatsby-tardigrade-hyperion-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 045b9fbb41e669808e8b242f695e928285d9a881632315fefcd95b7b3149f24b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187251 Malicious code in gulp-javascript-carpo-markdown-pdf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83f3fb31d46de531e486584cf860923fbaef0e8a21f7f9233132af1ea5a5ebc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188956 Malicious code in publish-proxima-glaciology-kinetic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e2708eebd804a59d4e418e03bd88ebd3af318ca6d70d923ba07a3a1b203c03d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186172 Malicious code in cloud-class-stack-xml-runtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 233273838b0bc9fcd5abb46cd15a57798f84aacac1be400324b3c6b7173ae244 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188826 Malicious code in private-easy-string-decrypt-meta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ae8f5ebf1c13bf1a1e8aa5ca2740eee87baa6e70ae9e6675a45d077559c16a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187866 Malicious code in loop-quito-hyperion-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1026aa50dc1e0844d749d156395863d5338ea4214c14c836f4ac9d9e3515500 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188122 Malicious code in moon-small-nu-rain-static (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fcf2a1dc5076c624ca43163bb493e90fd98998b7c3805d3aa5c9f1f5817c3db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186743 Malicious code in encrypt-cloud-boolean-double-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d51d8521f0c86d79f842859e96a3e5519e5aa8368916c9b28ffdd652c6afe78e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186192 Malicious code in cluster-wind-fork-view-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5047c654c3a5d136a00aaba828d7028a4483a1b72fb55a1d2ffff40fcb45f3ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...