MAL-2025-189290 Malicious code in run-script-juno-supernova-commitlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28d5416570aa5bf98628db20b38d6aa688ee1a11743013f75bbbf34b033fb219 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187793 Malicious code in link-loopback-hydrogeology-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da395659e113c0159b3a1ffa62f95566815334d185057840f3d59b3c5e74e71f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189861 Malicious code in terraforming-astro-virgo-toml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a183fa87002850d00bdd17934b7cf22fb2ada6f42a83f55d806e8be99a42534 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187922 Malicious code in markdown-cors-janus-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ab8745a2c08a63be222f6fec9a081416e65831afc979c6869d1f90457518dff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186993 Malicious code in firebase-selenology-blitz-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ba84248994554254847bbbe7d4d7c2dffadaba57bdad95b53540b7220944baa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187789 Malicious code in link-cold-file-mock-info (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b00633ef23678971f439a4d09b982591e85b2cf14df23a52dc20c721a6ebe3a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186098 Malicious code in chalk-mui-neptune-cosmos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 136b3090f7d6b067b36297ef6ebb55a84557fb83a4e61d63cd6cefe4a117bd14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185479 Malicious code in antd-playwright-ichnology-technocracy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c68692941d88ebe215bb0d8b8ad358a855839c7d267716798d4924516a6e1de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189521 Malicious code in sirius-registry-webpack-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c310c475846e8ee5e7c18a1b32e566c7929067fa02791639c37510e9d7820c0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186175 Malicious code in cloud-user-static-promise-stub (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d787f6189bc96274381f7572cc6423c6e4d61f53808ec5322dafced3748a3f0b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187985 Malicious code in mesosphere-bootes-primatology-levels (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a8eb4476e67bc8ba2d8ab0e4bd9d74c8303fd6ff5f358e8668ac8c8457cf414 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185750 Malicious code in barnard-soap-gravitationalwave-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99fb6bb311abe39715f83590bf71d33b3e1f29c30ebcd134a8d514362a9b9313 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187908 Malicious code in magnetar-eridanus-middleware-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ead7461c3d12da73b3122b7ebabc893dd659348b18da148e543e262a5a0c0c27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185410 Malicious code in airbnb-oscillation-commitlint-config-angular-palynology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector baf800470a1681acff5740acba90cbf70748786015854f1268ff0cedb463fff2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188826 Malicious code in private-easy-string-decrypt-meta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ae8f5ebf1c13bf1a1e8aa5ca2740eee87baa6e70ae9e6675a45d077559c16a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189397 Malicious code in secure-old-deploy-resolve-encode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector edd40e8463e8ef60e60e2f721f62d52e42e5b10ad7481073017d47ad4d0616fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187413 Malicious code in hyperion-kastra-paleontology-magnetosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2d31eb3cd862886d18136d81f8bb0cf91c2c741c8992f6409480b516a287b79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188185 Malicious code in native-rollup-plugin-sagitta-tectonophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00d49cf4e544253b65eeab4ed53118e7a101dca71f9c8857859e37df800820da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189534 Malicious code in slidev-deimos-heka-warp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fb3bb833b59090c2273ee64229cc9bcec7d73e1125f4e4122edabdcb374d90f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186328 Malicious code in cosmiconfig-deimos-kaus-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b417397ddce4e37930565b0788e7a53a679b19a15884a94a966067146ae2b85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...