MAL-2025-186989 Malicious code in firebase-ganymede-registry-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 110bf147f478aeca2501ed4ea4b9701c21692ba23560b2d3f5234b657b5b721e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188874 Malicious code in prompts-spectron-firebase-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43c6a43894d96d353ceb501de44bbbaf622f9e4b7ac2b38bfee7ab5376fb720c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189290 Malicious code in run-script-juno-supernova-commitlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28d5416570aa5bf98628db20b38d6aa688ee1a11743013f75bbbf34b033fb219 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187666 Malicious code in karma-cross-env-mocha-grus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc707037d54ddbddf16b2cf0245a7546cb636b2bd26cc4ef826e23f5433923df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189099 Malicious code in redgiant-callisto-altair-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c52623704e8e59183b20b689afbfb07d866c14348d1b2354d955944d41d54d68 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185661 Malicious code in auth-pm2-xo-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60541e6f176099b0b6014c32803b87028642aab5dbdef63c049df0f8c28d8ca1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188921 Malicious code in proxima-thermosphere-weywot-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2244dab451a96c625aa78d793fcb3ba1931ffe5080498587c46c6bbf7f5a3d62 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187508 Malicious code in interface-awk-balance-epsilon-orchestrate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05f2ce4e85cc2ec7f434ad7f50ef8d6c39c253afdf7a7a04aa4a3ff2d93178e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185396 Malicious code in aether-radiometric-sedna-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7134d489c8a851a58b9529605d85a949d662e70a8a5b193333fd2b342b9db97b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189571 Malicious code in socket-mock-java-rho-spy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c73783490d318eb38b0f589f800124ffffafbe09192fd2fb01fc5ce1f82b4195 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186849 Malicious code in eslint-plugin-semantic-release-chalk-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7f76b381638ad18356b8c8d18b10785d541bf3b50f7d3ed0032bd37f205212b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185867 Malicious code in blueshift-standard-altair-higgs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2495eefe689d12164788cd5f8932194479b7babae1155e232d3b3ff8d369fa2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189872 Malicious code in terser-webpack-plugin-centaurus-version-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3c5c34ad44ac941803db664d6a785fac2fd342500558c1c26e98ba07c786178 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188378 Malicious code in oauth-neptunology-lint-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95c4cc16ff1626173c0195d83335a1da888d78e5e7a6f5e830831b1ee8647d3a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187721 Malicious code in lacerta-polaris-tool-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e14658508cd2a68cf53158830bd8ec585bd27f436ddb4ef01bbd48b3cf1384b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188451 Malicious code in optimize-css-assets-webpack-plugin-style-loader-bellatrix-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abc399df1baa583fe9c5b3c3d19473cebd1498ab6c0de46cdc1ef484368df6c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189259 Malicious code in rocket-got-heka-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 778e69e1b6a1c981f67cb6ad0fce677345c087976404dfb27b70709dfe9619e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190442 Malicious code in yonder-webdriverio-lynx-blackhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfbb715d4acf64ade15a47fd3c5a01c86a6a1ba2777dc7bb8b003d084a247a51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188796 Malicious code in prettier-json-publish-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3c227b49ee21c7585211e16c411530204bd43403fecd781aacd0227c4f241de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189591 Malicious code in solis-semantic-release-pm2-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25f3fbcd8cfd3f79b4077a30db2336a9949bd3aed84da84464d9498779874eb6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...