MAL-2025-186945 Malicious code in fast-java-stub-void-bash (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbf6d41c7ef745a2b7ef1562477f9a960072b1225abf823fd2d741c10222a6ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188237 Malicious code in nestjs-astrometry-geoarchaeology-child-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4ce8afc89dbb4d9b8803c81b1f7a4c931f3edf36f43e471ae33f472e8148e7f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188683 Malicious code in phoenix-eleventy-io-radiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ba874897fdcaf548e9b7fbdb00270ec5ea6feb9cb237f6dcb0946a480910f6d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188024 Malicious code in meteor-geochronology-element-ui-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b2fbd4a4d8c5dac51c3818c36571c2e2edb4ecd33469ce0e9a4d8cca5ce837d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187911 Malicious code in magnetar-palynology-uranology-blackhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcd8cb005d3b13b23a50a504bd007171a1a10b97495979bb817020abdb259373 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187133 Malicious code in gemini-csv-cryonics-castor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a57321bc7da3ae1f7471aa4b2daac2201509cd922f65a18ef0992a031b983c12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185403 Malicious code in air-query-sun-void-debug (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4415629b6f9c34adfd199b9e27c7decd99d107eea9d23f83c216bda3cf37b17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187824 Malicious code in lithosphere-markdown-pdf-winston-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc6fbfe227af2797cf89ea184596ed69bc80870c57f08a1e421accae594ddd57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190016 Malicious code in typeorm-kuiperbelt-miranda-tachyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cec24c5ca0521ea9c00f2358b3fe70121647e459666b4b63da967a70a180982f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in imodiov-kufni-acumnacffgteafsgre (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b562b6eddf8d46edeb28c4c1ac013ecf105428d0f56e38d35e7c8088b8b7fb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in libc-ug-ag (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a9136dc2b0c9da3cf142015b3163abdbfa4eacf5584fb1f3191de2f1b5b2579 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avangs-olium-niluvai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe5ef6bf42d4bb1ccf98ae0ccca0f13cead9d6d23b4a11a4c33f677e5b211480 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hitale-irhar-aaesdeadee (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7e6938b3af18767fd65bcb77f97c2fbadcdfe0cd66ce75f89ead23e4958da74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in imodiov-kufni-acumnacfteagfac (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5712bba25e5040f0a62b770806c75631833905bdf6550fc299d4dedb6f959c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in manu-oyib-givakisois (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61c441b0c62d718e63175d8f6aed14faa21f20d9f3e78bca0145c2c8bda301e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avangi-olia-iaiai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47093a7d8448c760ea60c35f842c7e45f15ea4b3b9d0f0e4292175c4c700ea29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-182606 Malicious code in imugay-avig-ijiuf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca6f5aa01a8209b853bfa6157a8afd81255f79fc7f5bdacf741403ac246f276b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-182023 Malicious code in flights-lutuig-adisdfdglonolo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9411ff2084a5f0827e187044e29aba96973657d09b1a5b4ea71ceda21be6448 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-181320 Malicious code in @akunsansan0/kopi5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2636deba3531ee592478b89de2d87e8a042cbb957935849b8f7b452dbb1da8c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lookingan-jaja5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16095d1819fb0d10aed6d7ba0016c2c7c13520b8a1fe9cdf5ca384bbdf591cca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...