MAL-2025-190116 Malicious code in ursa-readable-astrophysics-wolf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc80f1b9c5c521714bd2e80e2a6b16e345cc954db76ce53bf0af5041f30f670b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188080 Malicious code in miranda-native-cross-env-oauth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c98691086a9cd5b5817eb65f3e3379f8ecc8cd6c0265c8261ec01e76d2f7d4a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188668 Malicious code in phoebe-borealis-vuepress-coronalmassejection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deaa586f7a513b8036116d867f85c2889429e1affc2ab69c5e417d09987ff2ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188529 Malicious code in paleomagnetism-playwright-blackhole-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a3ac923ef3e0b0386e7575fe8798cedb5b699921978d28e61fc8bdbe8f8eaab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188340 Malicious code in non-blocking-miranda-gridsome-cosmicray (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78ded373441292494a43935f760ffc243265ed07283b7797b8afa7f81f2530e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185519 Malicious code in archaeoastronomy-blaze-panspermia-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74ce19487a2c3093fd4a1524dc20d5246b2f30463a959ed1694fd6e25204a8af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189885 Malicious code in test-on-spinner-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93b3148fad24442f075c8707e11b5a5bd042be189f67c373b76d73ef2f18c289 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189797 Malicious code in tachyon-asthenosphere-less-loader-dagda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f21c3181d7e1225e94cf6ec96aac89e6b7e7832996548331008eb289be9aa746 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187750 Malicious code in less-cluster-soap-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47863fe4b497adc647bce8fd2ec2979fb05147e8a1705890e418fd3b97b51b6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187613 Malicious code in jovian-postgres-webdriver-mocha-await (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ecf3fd1d508e4debb89f36a79eb6c7ac29572b4b9404eb582a72f90583c8daf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189599 Malicious code in spawn-rigel-petrology-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ceb3e16eff53632f7d133fa2fc43a037654145b89bf2a95cafcf672760818e57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186635 Malicious code in double-rain-protected-import-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8581e04e65ec57750c45a77518bc0bde32027cce7cec3092673048972abc390a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188162 Malicious code in mysql-joviology-eslint-config-exoplanetology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 643bafbeb2dfc79283955d0c21bab2fd71901ce97f885b0030161154a433103a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188150 Malicious code in mutation-augmentedreality-archaeoastronomy-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d350f2ae2d91b828a2e264f7f2d54908fc2de495a298a5dc6b69b023837e517 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189948 Malicious code in toml-jwt-docusaurus-celeste (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7137e5c7ace789bdd6841a632b7672fbf80556d0ed465fd3a20160f1b2d3d500 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186267 Malicious code in concurrently-grus-vuepress-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7074c66c67ba8954226ffe4caea4be815b7cbdb15439e2f2e1a589d8eab0e173 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186476 Malicious code in dagda-technocracy-commitlint-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a5d983e33879369dd931cad741e8149906dfd91e5b8a8b102b534b4b2cea15f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187554 Malicious code in isostasy-rate-limiter-miranda-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8886bb1b3aa2881de5d3a090df3f702e15600943bd93f6e415c544b97c814926 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189800 Malicious code in tachyon-string-version-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0fdfc74478a9afbba79d8616c10a0a83eb890f0f6898259eec91b20c796be2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187582 Malicious code in janus-repository-acamar-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c352b7dc2bdb562f75a203a60a62f9bd3e23618797491c44e1f3d6593927eae2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...