MAL-2025-185864 Malicious code in blueshift-lynx-dotenv-safe-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dab58c5139fe550ec62331ad682959b01530abab6c25ee42eabc08fb386d1f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189907 Malicious code in tethys-schema-proteomics-nuxtjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc52405d182abcbe70ebca1e32782e8c4b840ff6509fd47793c70c9d97a8b05d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189370 Malicious code in scale-hot-tree-cache-execute (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca31f523c05889fdf9ef41a4517c7fe41532a653c9225ca1d2fc0b4f96c7b705 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187137 Malicious code in gemini-gravity-xanadu-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ef8b0e335c02e9e3202c8e0195d3bfd55501baef7ef0af424b6b5b8eb2310c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186635 Malicious code in double-rain-protected-import-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8581e04e65ec57750c45a77518bc0bde32027cce7cec3092673048972abc390a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187675 Malicious code in kaus-triton-sadr-aurora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea9faf4f30b1aac05c7e7a00fe9b84e14833a19549318de6dae1371066e68ffd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189805 Malicious code in taphonomy-neuromorphic-cressida-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12c3f8ac8424eb2fd06c7645a3bde838a9dc858cb027eef1fa0343a1bdc4319b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187220 Malicious code in greatfilter-greatfilter-kastra-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6aaa89df8927946010667fcd1917704d7b1e9657c9426eb3b312c527b34c8896 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189262 Malicious code in rocket-package-sass-loader-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d67124e33ba64b1c42f833fc39b6ff0beafc787ffff39c5b660e68a4b0a509dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186441 Malicious code in cygnus-got-nconf-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf4cc3cb622a13b0cbc50c9a597f40074fffcb794cc7735f6e63a0046d3db721 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189873 Malicious code in terser-webpack-plugin-delphinus-membrane-cryovolcano (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83f1fbd056f464401107ffa949a75c56dc9110b1b201fa564b844e813212402a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188458 Malicious code in optimize-theta-process-cluster-dog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb2b3e9d3328a363fb5b4710efab7a9851461ed3577869eae397a170f5d2476d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188264 Malicious code in nextjs-html-webpack-plugin-express-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3221eb423eac0b572d326e1984f49231a18c9d5791b59c0f4a62fa33add06e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187464 Malicious code in inflation-apollo-rocket-higgs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 395b1247c5e72e553ae03620ece5fc27af309bb24287205d0b5f511c0c7a50f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188278 Malicious code in nightmare-start-meteor-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01f618ccad5555d0a076b5f790e8c22ef5540f29809db86a35b06261b90dc6c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185383 Malicious code in achernar-zenith-ultra-joviology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b10086bc1fa64586a64925f5ec4a2a3c346bd5e465318b0be544bd740ae44344 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186659 Malicious code in dysonswarm-gulp-dendrochronology-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df2900cd899be02f8b927b3a22067e8f4e1e87d3b8ee57a7ad44205167f4a2bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190008 Malicious code in try-benchmark-assert-module-protected (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de000d26f24e3e19f3f26d9ae4f37d14f920af6a5f0e283d3985c12f1414f4db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185635 Malicious code in atlas-browserify-rigel-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c9a528d585d1bd68f821a97b54d3810ac0f7fb130157b2815a5ecc843be8df9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185618 Malicious code in async-eta-try-balance-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d16ce88a7db07011ebd02f6deb6abe9ec27e30f28d503c3580ab35c829a94c70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...