MAL-2025-186093 Malicious code in chakra-ui-test-quark-astrophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f7da34d62a5c8298da9cb0398d30b6ec22a9f5f88682ffbbef975d1fdeff375 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188097 Malicious code in module-barnard-ganymede-sociobiology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 318ce5e99a1844c93f91036e8137e440098fae0a90415e943e5bb1c3a0a191af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188758 Malicious code in pm2-gridsome-playwright-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f83d04880b7d838f22954c6d4978d7d43413d986bd2f4471a604b357fa97e49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in flare-ignite-graphql-eridanus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b3ee76870be82d97f3eb5d63d5d9fc0339e9009a28b02be76c1b4a0f44944d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gammarayburst-technocracy-janus-eslint-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a8fa380896847a4f64365da44abb4d4cb3d6cf76d566109c27ae8b4c3eefff7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stream-indus-dendrochronology-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcdf9efe1fac494c78e0dc753729d3c091e5206d94dfa78e6b2352c83e1ddc9c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in delphinus-ganymede-sadr-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bd9091fc6ac414ec5489f2792c694a2abc49dc516b02b637f49f5f797997770 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in archaeogenetics-tardigrade-filament-boson (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9224028552e3b7dfa507b6d9c04414e4fc7c9633163fa4ca6c51bf465fb5ef0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in passport-semantic-ui-miranda-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a277e6b110c6a4ddfff8bbead45f6d4b7425d4afb2864b265afba03f6b45bfc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in publish-jest-sadr-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e89aac5d0b4009e332adde5f4ab68e22d2649dca304694ad146bbe8bd1ab922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188389 Malicious code in octans-eigenstate-antares-vuetify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5827759135609199eeff04fcc96db52baf1dacea83e3ff1eed3eec07d88af2f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187314 Malicious code in helios-centaurus-juno-lint-staged (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 929260b67680ed0507a691726e1f4f84a5fb3205b6e1217e1356966bbbfa20e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189530 Malicious code in slides-photon-nightwatch-stratigraphy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 444e670a73192fcb4bb106568c8db84e3d394ec118dc7e174a44da9d20b5a52b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187478 Malicious code in init-parcel-run-script-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 258bb21c3a3de866aaa23cbb8d387c7def0f1812acd17a8cd69e306b229a92b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186061 Malicious code in centaurus-farout-html-webpack-plugin-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f90a93fb08acfd5f7fa33fa6b6f7fc638d17fe538b4201be97e4fd9c7c056b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189222 Malicious code in restart-warp-webdriver-mocha-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95bf93b3651fd9e5262e28a4c025dfe14338cabf906f3143dad4f1a1cf765f46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185579 Malicious code in asteroid-cors-bulma-paleoclimatology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c757cc0677aa2f8229baf844fe4422f081113cf652d25c7447e2ed6db0fcfb16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185971 Malicious code in cache-xenos-regulus-rocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7ec47ff40e5433cc495d8db04882a9a62cd1feb321a80da2c7c82326de4718a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185932 Malicious code in bulma-equinox-build-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 936f198e0e70f653d369a2d4c68b7759255a33a0397ab6045251c30465cc7e9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189811 Malicious code in tardigrade-mini-css-extract-plugin-nightwatch-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eccd2dbe37050ec44770db072262af063d90c8cbb1f901cc4ab7337d91745c94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...