MAL-2025-188594 Malicious code in pegasus-filament-meteor-impulse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4aa9a3400f1241a8a8b6722778c946764f66a673ba27b0e9c822be836a418815 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186032 Malicious code in cat-minify-cold-reject-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32c65a38066677839d90818b4977e99e296362c59be875c64b11287406021b94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186267 Malicious code in concurrently-grus-vuepress-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7074c66c67ba8954226ffe4caea4be815b7cbdb15439e2f2e1a589d8eab0e173 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189397 Malicious code in secure-old-deploy-resolve-encode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector edd40e8463e8ef60e60e2f721f62d52e42e5b10ad7481073017d47ad4d0616fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188000 Malicious code in meta-load-thread-grep-decompress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 109caf8ad26be27a56c9b5d71584ee315b90d7198b132c76436f93ddeb1a2f10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188007 Malicious code in metalsmith-ganymede-gravitationalwave-biogeochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd371531b6504d7302f781d1d49aa918cc42e03fda931b017ec70b39844a114a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188015 Malicious code in meteor-cache-fomalhaut-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0462fe49c99304144ad4d9f3b517e441c06daad585939395d80b64f71ac5e537 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186406 Malicious code in csrf-bootes-html-webpack-plugin-ichnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42e683c14d1e59c58cadcd514400f46ff49670101cb068cc2ecf1d95b413dcf9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190358 Malicious code in xanthus-redis-scripts-fomalhaut (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5378a4c2406d3bf5d4a642721349c3ebe3396f5805ea6a6298f597ae191792cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189552 Malicious code in soap-callback-convict-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b4922425b583d08a372e377d0b2ee372ad8912aa2da5902301f4c5ec520af10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189258 Malicious code in rocket-fomalhaut-sirius-kronos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 344f2bc058eebc6954eb5e9126619426a4e49a9670f2df757ea7590314e6af3f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187908 Malicious code in magnetar-eridanus-middleware-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ead7461c3d12da73b3122b7ebabc893dd659348b18da148e543e262a5a0c0c27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187860 Malicious code in long-nu-new-nu-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f181626cd1e58ae54d5a7e6958edad8e897a4a8cef1412d594b4d7f983ba163 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190317 Malicious code in whitedwarf-fomalhaut-nodemon-pipe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 485383a1d4793fa4e99c507b8c6475dfc9bc9e56e6433a5eb09c6255405a640d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186925 Malicious code in export-zero-orchestrate-zero-compile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5af09b797e4f7aae7c05dba3d89244c143d4393bfb4489b7d6453160dc763868 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188416 Malicious code in omicron-bundle-file-final-warn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6cd56b17c0b82597e1e036cd7fb05112f6c2cf312bf53a0bcad543dfd985bc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190241 Malicious code in water-cloud-public-big-user (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d49323ade98a3fb6caebbe0cc2612cdb4f4fc617e455e9031e1cb581830ed868 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189273 Malicious code in rollup-plugin-loglevel-archaeoastronomy-on (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ae1d18ecda3a4a15013d21d522f0598cfc55b2f622436d4550842dd4870a5d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186510 Malicious code in decrypt-sun-mock-rain-debug (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2d06f22646305412a369e98d2bca79aa51a5c48223ec3e26e326ab67cb75d6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185370 Malicious code in acamar-child-process-oauth-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aecf9405e1356b230c3b5e02f074df3b4d1c15deed220a1ee0fa696389b7d321 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...