MAL-2025-187114 Malicious code in ganymede-tethys-jwt-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 404215b9a56b2a2fb508a19ae3dd7a8e028cd7ee171394ea28d87123eb72e07b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185852 Malicious code in blaze-farout-module-transport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4192d7aeef77906c60bb34e7bc30349a3cf23117c8fc3d3afb6d6a2a96bae8d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190029 Malicious code in uglify-zeta-tree-delta-runtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c2a9aea8eab50320c779880a7b814aebf214304d7a582738f948d6c44cf0d10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189034 Malicious code in quasar-robotics-soap-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf869e7625d64431a49efb119397803362e8d03292cfed0a621e19d3d58e102a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187113 Malicious code in ganymede-style-loader-xanthus-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36a5f45d9564f44b2db677d8a064664c3950bbf58615506c9507134b1044b3ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190345 Malicious code in wormhole-passport-norma-gravitationalwave (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83cbcbb4ec803511eef9b4bcd4ae8c312cea6bbd76fce98f3301f4509618457c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189499 Malicious code in simple-await-try-book-epsilon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e39b3a10e41800c4664d93a4fac3389994bd787c8ea852f61631ec227e3b8cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187318 Malicious code in helios-jekyll-polaris-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 185b2314d9675d6e627b2ef3b7251acbba2ffb5ecf02743553126f3e6cd7e1b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190118 Malicious code in ursa-testcafe-innercore-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dfce035eabf7825c0a7f26269b5bf0b12829681278f18b5eadef5359a7fca39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186141 Malicious code in child-process-blitz-spawn-wasat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 352192e625655a62b387104ffb60a5f639784d2858a0800691396d8f61c4b31b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186878 Malicious code in eventhoriz-ariel-atlas-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92528c607e087330fb36dbf06bc64f943543eede0e85245ebaa7e3c0e0699c86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in asjustmeteai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 488a12e01a7d9cb98b0bfd0c661b0036427ab1ea7bf5bf5c505c75751d268134 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in forever-heka-polaris-elektra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 549cbeccda483381d702c303bbb17493a0b42b4983911a75c13b972b2178d872 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleoecology-webdriver-manager-cli-outercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1702a5ded5d7db3c4166a15a439a1ab13253c487e4124cb1374ba85b937cfa5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rate-limiter-callback-nebula-electron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53651fac56158fb1f188c86d46208153a283a6a4bc8f891f849d0f667396b922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186535 Malicious code in delta-sun-psi-new-byte (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 374cdc7d058badce2f6a42696c611854a14f6b677f5cc78ec1c95958aa1ee55b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189262 Malicious code in rocket-package-sass-loader-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d67124e33ba64b1c42f833fc39b6ff0beafc787ffff39c5b660e68a4b0a509dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186243 Malicious code in commitizen-radioastronomy-steganography-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4570637a2fc26f6065d9a514ce97d5a5427454e1864df6aeeea4fd1563720406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bioinformatics-pino-pretty-mutation-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68d27958147cb7cd276409e0d52dcc556e3c5e0d323436adbab13384b0788339 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in restart-virtualreality-cli-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9d5aa5bdd04a69e784a9117629e602322a901b83eca9fc9f548929ac2cf681d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...