MAL-2025-186849 Malicious code in eslint-plugin-semantic-release-chalk-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7f76b381638ad18356b8c8d18b10785d541bf3b50f7d3ed0032bd37f205212b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188947 Malicious code in publish-ichnology-eslint-config-luna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1632875bdcfe6f85b8d1e6bf0269dfd2a2eb7755789677cf74531f47a7a1d82b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185366 Malicious code in abstract-hash-key-report-load (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af67a09c9ac8b1f5a97cb010cec5f8683ef9b54771520fa4630f0ba372d1ba86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189259 Malicious code in rocket-got-heka-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 778e69e1b6a1c981f67cb6ad0fce677345c087976404dfb27b70709dfe9619e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186598 Malicious code in docusaurus-thermosphere-aquarius-rehype (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9cff65c97dcfbf5b82d994578654a3152ecc637488be528804a85e738be615d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189694 Malicious code in string-crust-exoplanet-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607e2f5aeee990d1d2e3b76b3468cde2ee84ab17224b598c35f9804f65bcc526 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185476 Malicious code in antares-terser-regulus-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74c661c89405ec93ba721141d9f8248bb6122224fa99b0f559847f0fed24d07a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189109 Malicious code in redis-epimetheus-jabbah-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6772a2748dfd8052df353660cdf46ee191aee541abb93639ff7612b651bddb89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188011 Malicious code in meteor-australis-filament-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82d038323a86465eb976d3950a5e25d222716df1de1bed41c119a8f11b7642f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190164 Malicious code in virtualreality-abiogenesis-passport-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 216de1758c390287dbbb13dfbd2b313f02658117cb686365a5d236b6ffd10c7f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188224 Malicious code in neptune-morgan-pyxis-australis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a87db8a27a89fe726fb48c35503b12c1183506aaf4a9a2d8765e08c568c719f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185661 Malicious code in auth-pm2-xo-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60541e6f176099b0b6014c32803b87028642aab5dbdef63c049df0f8c28d8ca1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187282 Malicious code in hash-char-new-alert-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 157e9621c61fae908d1e7be8b87a7307a60fae9033b01116533f0b50fe64262d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190368 Malicious code in xenon-apex-ultra-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d255eba690342099284d8bf8a8103b1b72404c253a39810bbe3abd1882f8030 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186989 Malicious code in firebase-ganymede-registry-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 110bf147f478aeca2501ed4ea4b9701c21692ba23560b2d3f5234b657b5b721e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187666 Malicious code in karma-cross-env-mocha-grus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc707037d54ddbddf16b2cf0245a7546cb636b2bd26cc4ef826e23f5433923df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188264 Malicious code in nextjs-html-webpack-plugin-express-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3221eb423eac0b572d326e1984f49231a18c9d5791b59c0f4a62fa33add06e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185635 Malicious code in atlas-browserify-rigel-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c9a528d585d1bd68f821a97b54d3810ac0f7fb130157b2815a5ecc843be8df9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188451 Malicious code in optimize-css-assets-webpack-plugin-style-loader-bellatrix-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abc399df1baa583fe9c5b3c3d19473cebd1498ab6c0de46cdc1ef484368df6c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190442 Malicious code in yonder-webdriverio-lynx-blackhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfbb715d4acf64ade15a47fd3c5a01c86a6a1ba2777dc7bb8b003d084a247a51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...