MAL-2025-190225 Malicious code in warp-mdx-hermes-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 591aee67ad544d545c8ad1b2c88a521109b44e77cf020d1e9d60b9d38d21d24c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185939 Malicious code in bundle-alert-runtime-private-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62c8caa3aa8ccfe49e936067aefe3ab052ff9b38de21448ed8dd888dcfa7bea7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187163 Malicious code in geodynamo-hydrogeology-ultra-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a25646f5279d706c1d9dd687cb55cb85561e38fccda1c0629ad76b46916f95c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190233 Malicious code in wasat-foundation-webdriverio-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efd9a86d6be17cbc44f9dae6883bbba2e3a38738aaf80a503bc35aa86bebe5a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187862 Malicious code in long-zero-rain-daemon-refactor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 984383ede6b7df3654a9bbed20b7f0f7249154ddf4189b3a50c1431af44918d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186860 Malicious code in ethology-paleontology-nova-archaeoastronomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce92a1a93eef7d8d5c677d88ca01e75f87b3503782743b8c6e058a738644aa75 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190039 Malicious code in umbra-jekyll-foundation-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c106822cf8e3fa26d502751c57e0f20c137335a06eaa078c6724cb7fa72d9938 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189015 Malicious code in quark-aquarius-weywot-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30996d68f5a3eaaa198028e609182507bbc8d9d2c5693f797f51dc0ec35e1c17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185701 Malicious code in await-throw-psi-simple-debug (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 937c92f1846343ce1e7e08ff398c3ef8339757e31ea3f856fbedb5d32b508cf5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188921 Malicious code in proxima-thermosphere-weywot-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2244dab451a96c625aa78d793fcb3ba1931ffe5080498587c46c6bbf7f5a3d62 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186999 Malicious code in float-beta-deploy-star-meta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c28ea191cc624187c918a5e511152ef7fdd4e559f69dd061a432e823a1547cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185598 Malicious code in astrochemistry-selenium-solis-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03e4945f4be5d41b84b61b8cdf7c141ff4cbd2a35808590735d6fda40200ddd8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188593 Malicious code in pegasus-deneb-iota-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f09829ad648a30448e6909586b77ecb91a7d0c11ed07ed4042c386b13811abfd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185380 Malicious code in achernar-hermes-centauri-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eab22301bbc8cc3305c04124149153e96718f5a79c8fcdcd1f4e7e2d96ec6c23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188707 Malicious code in pino-pretty-prettier-sequelize-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e3bde5720db4c2110dd2e282776b87cae97883f7ed7cd03ed524b7a0c027d9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187944 Malicious code in materialize-magnetar-paleontology-cosmochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecf9462c6606c2905716e1a2464a867641a12542ae45f8c63e22e1cdfbe250ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189799 Malicious code in tachyon-mesosphere-spinner-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0199d4ad6da5ed57f1010cac95dc16558ece4d84ae6e6c6fb857dc52e6c6370 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188831 Malicious code in process-callisto-superagent-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b89bfed12b339906f993ccf93fe8a767aa4c8e542c6cd156df2e24604d5872d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189412 Malicious code in sedna-jest-init-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25e29146ae9ff359dd96b1cd1b095636278686695d62974a2d5867e6a74edcff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185913 Malicious code in browserify-cosmiconfig-testcafe-await (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfff5428f531d2e4567d0a397bb6f4305ee3665f448b346444bc1f04b258b597 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...