MAL-2025-189238 Malicious code in rigel-miranda-cache-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f24d18ebd38c79524545d193434c68697eb21e47a21abb2e7f108ae969d00566 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188362 Malicious code in npm-global-sublimation-augmentedreality (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddd49961f0d54ac7944b8c564af29d8e2be7f5aab114048fc3a52eaad56e34ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189107 Malicious code in redis-browserify-nuxtjs-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 711d716900670192f72189f880361a7e02ddd5ee99dcbecd1465b28f95bee624 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189640 Malicious code in stack-compress-nu-zeta-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 175e67631711d41d02520521df6190627ee39430a578d67183c97e9628a7568b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185985 Malicious code in callisto-cors-ini-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ee2ae0957732c6cc0510feddf764b20bdbfeee3eb45f1f46839a45c4ac7e2c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190118 Malicious code in ursa-testcafe-innercore-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dfce035eabf7825c0a7f26269b5bf0b12829681278f18b5eadef5359a7fca39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189885 Malicious code in test-on-spinner-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93b3148fad24442f075c8707e11b5a5bd042be189f67c373b76d73ef2f18c289 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188955 Malicious code in publish-prettier-stylelint-seismology-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43052a28656f175ae88ca3541de9f3932eec1054bee702e2ee6c71eec895aa73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186606 Malicious code in dorado-hexo-sqlite-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a4a93ae9c0b359cf320351a3af5fd7016688cc60265a5c221a86d43cd0faad3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187263 Malicious code in halley-antares-lint-staged-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08f510611717755cfc51a3e5909c156ddd315996f9da4c82cf4c9eb2a674cc57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188059 Malicious code in mira-halley-halley-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4d654ea2429bda07d6516d7e6c195f982a2f1fabbcd309bcdf070a02a7322d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187259 Malicious code in hadron-pino-pretty-hermes-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7736f6786b89ecd00050315e30fc0bdf0f69210e399f441ad491be82bcdbf870 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189247 Malicious code in rimraf-playwright-morgan-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 605f4589e9fb73840fa4862f5d97c83687042c57fc5d073de4da60df0027fecb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187283 Malicious code in hash-socket-slow-debug-interpret (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7eb938e088242a057f495dc0624b819b9294c2ad57b502008354dd8cad5c61db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187544 Malicious code in iota-scripts-phoebe-geckodriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fbee3686e895ff09efa48a6461e060acddc8e19556f4304ce807a20d372f937 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186192 Malicious code in cluster-wind-fork-view-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5047c654c3a5d136a00aaba828d7028a4483a1b72fb55a1d2ffff40fcb45f3ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187513 Malicious code in interpret-deploy-omega-async-fire (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9548d951625cc682aa2b671f44bdb5b9bc083e3b6c50b33272d8daac848d51a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190022 Malicious code in uglify-bash-index-beta-interface (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c6cc75455d927ac7ec7640978a185ab90cc79761f99095952bcfbf9d20cde5c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189493 Malicious code in signal-array-report-reject-cat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 283289da6de504f9b10af44c8d89bd41e470b54cea7f1ef22be005087825de2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188080 Malicious code in miranda-native-cross-env-oauth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c98691086a9cd5b5817eb65f3e3379f8ecc8cd6c0265c8261ec01e76d2f7d4a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...