MAL-2025-188955 Malicious code in publish-prettier-stylelint-seismology-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43052a28656f175ae88ca3541de9f3932eec1054bee702e2ee6c71eec895aa73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189618 Malicious code in spectroscopy-webdriver-manager-await-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd63e8f2ff15aafdf183c39b1a3af9623710f2abe9e62e6cf0138f4389f6a0ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188837 Malicious code in process-passport-eslint-config-speleology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73f3afed2efbe84aed1b966215535f2da5ba01a01ffc79f5b28b8e3b28fd6332 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189748 Malicious code in supercluster-filament-cosmicweb-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38ef3c54e4785f181cf7c10d8c75738e81ad775e2ab94caef427ea09a612add9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hugo-miranda-prettier-stylelint-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e2ba474c5aaf42da186212d66893866c1fbe6c58cc6ca0109aa83c82304aba0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in test-sigma-reject-daemon-cold (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4d5779091401cd3ba770f292c82da9cbaa34004c715553eda2967832efced57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in iota-release-it-stream-xenos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector baa57807101bbccb1ed65d8bbde73a1aec0b5c86283b35a5d44a29439362fb73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in firebase-indus-biogeochemistry-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd2f7d463efef4ff5f61869e121b0565321a7327a631f0dec3c6b17ce11bace4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187791 Malicious code in link-emulate-double-table-book (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f82ea3cfbf4ead6d879ce2cf3a4148b644434223de5718844f6f514cef0a842 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188061 Malicious code in mira-pino-impulse-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97a1147eb997379acf6a6c10728cc952cf4d610b234389989f89effcc5486ffd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187658 Malicious code in kappa-lambda-bundle-omega-bad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b3516bb36d404921aab8ace5bf2b731d171a18c77988e5770e5d3d3db842d08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189944 Malicious code in toml-apollo-materialize-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e9f49e2bebc95df8cd832e85e4c59762a5d447566c87737a0b06568fcf2cbd6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190104 Malicious code in ursa-comet-cosmogenic-virgo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd11b0b7a1927f924e9836d71f861f050ea05f975ce2f6fb00a09cfe62d5135f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189050 Malicious code in quito-fornax-dynamo-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9e424c895ae2c5174fb36eb355139f09e3b04dedf5ca047eeea84746b5602e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187245 Malicious code in grus-pipe-websockets-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e908ab5a9f1588062bc9ccd9e3447dc656308f6a5f76ad9232116d8165cebad8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187008 Malicious code in fomalhaut-venus-pavo-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 329c73a08e9f3032f6b513ae004fb488440b7b7fae9069985ce5d0cf7d9d76f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in concurrently-grus-vuepress-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7074c66c67ba8954226ffe4caea4be815b7cbdb15439e2f2e1a589d8eab0e173 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in thread-daemon-try-omega-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1e433f4a84e6efa7b11638b10854c927218008bde39976e0df1922164229fc2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helios-jekyll-polaris-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 185b2314d9675d6e627b2ef3b7251acbba2ffb5ecf02743553126f3e6cd7e1b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in epimetheus-uninstall-cressida-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efbfee41fefce5715d914720f5044a88f951f4b0361bc31c803542153c084c86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...