MAL-2025-190348 Malicious code in xanadu-dotenv-safe-markdownlint-materialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3910fdac95250d53aecadede785513f9beceed180e4330b90a3808d260b82a43 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188150 Malicious code in mutation-augmentedreality-archaeoastronomy-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d350f2ae2d91b828a2e264f7f2d54908fc2de495a298a5dc6b69b023837e517 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186922 Malicious code in export-hot-cold-orchestrate-awk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e29679a768cff74bff87249c600a87ea07ac325f73af6665e836040a9722c178 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187508 Malicious code in interface-awk-balance-epsilon-orchestrate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05f2ce4e85cc2ec7f434ad7f50ef8d6c39c253afdf7a7a04aa4a3ff2d93178e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187135 Malicious code in gemini-dactyl-archaeogenetics-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 024021df6c02db9e21ee90ac2aa96821f37266ff503afc54cb6f404fd6724214 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187115 Malicious code in ganymede-volcanology-meteor-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 439f5aeded04421261b5e44959256e95a019859e49ea507d43c2521ec92cdfb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188101 Malicious code in module-palynology-kronos-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbbb0c80c490b51b1c0db117fe652f90324d49f399fb71d1be2c441edfa21254 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187282 Malicious code in hash-char-new-alert-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 157e9621c61fae908d1e7be8b87a7307a60fae9033b01116533f0b50fe64262d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187391 Malicious code in husky-bulma-nebula-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 029de86705f76c06a577e00966fac5cdab3d36021be7d50cec1844bd03f7b785 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187870 Malicious code in loopback-remark-cordelia-commitlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d03050b2cb2866d7de11164971c4591795fadadb14bdf9da6411cc366238b169 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186194 Malicious code in code-interpret-finally-decode-cold (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bda77329400e2d6d937de5ec4642461363583de5cc3bc09ba36c5270ced52d51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185891 Malicious code in bootstrap-kastra-event-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a2df2510f2f174eab60a7a3916ad6759fd87b80db2bd5c6f9164cf9fcc0be69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185615 Malicious code in async-css-minimizer-webpack-plugin-heka-redgiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33b0f9fca81fca86a14b33c7bfac2d72987607fea039001a9568eff34c879063 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187486 Malicious code in innercore-yildun-blaze-robotics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c6a67c1532daa0289287aa51f609d0b21a44bca1e258d173afd670f7b9aede7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190319 Malicious code in whitedwarf-meissa-standard-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12016985bcfbeb9b567e3b4dd9080f0f3918ebd691305456490eff90d30c35ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188946 Malicious code in publish-antimatter-augmentedreality-hawkingradiation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d5d6b123e34a8689a89de8c4284bac809a0af916cf5f51956e0bb8bcf35c67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190368 Malicious code in xenon-apex-ultra-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d255eba690342099284d8bf8a8103b1b72404c253a39810bbe3abd1882f8030 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186675 Malicious code in easy-serialize-omicron-mu-assert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69139970a915ceb4235e38acc7b982f8685dd4a844c2ea07bc4144d8a42be7b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189076 Malicious code in rain-interface-java-bundle-wind (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 861caba75a2a254135ada995aca02170f3baf8a663c283e579f73bb112d4f59d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190022 Malicious code in uglify-bash-index-beta-interface (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c6cc75455d927ac7ec7640978a185ab90cc79761f99095952bcfbf9d20cde5c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...