MAL-2025-187000 Malicious code in float-encrypt-awk-dog-export (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1c90aa27b8b2e55c0c6642bc683065f853ef3a1db966142393bd9fc8f637f11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186738 Malicious code in enceladus-sirius-radioastronomy-octans (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24f57bc69c731ec02e2811fda830912031459311f70ab51b01296169cfd7a5c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sails-dotenv-adonis-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa31083ce72f58be06ef61827800200ffc7fb0df078a978047d564620b116b79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dotenv-safe-parsec-soap-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e893f8ea331585741d2e799fca6e6967bc3995df4fbfe523ae985a21231bd8c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wezen-mutation-ora-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 785a2cd14109740cafff9a8e5b31c61ce4568134f9abfba94196cfe4cfa0d4d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenos-nconf-aurora-redis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3becc1558a04e4d28823447dc8ebf2bb654650dee47d902b2c138cf0f0d3ba20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in slides-quark-thermochronology-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07dcbe1f37510df116b71e1a7ab93ef11a33c2f0a768fb496338638ae21b7256 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in config-event-install-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53b410cef5e278f40d1683c3c77135d349c9f67e0537b356d77f55cbd71a3c50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in robotics-proxima-thuban-comet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c49c583566ab4a988020e91856a8424efde07c79821afab4121ca10ecb8ed77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in library-biosignature-bionics-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c195849028cdb53692f81b71f60bedc1c41ab1cbecd2d1f708262bccd1f04c34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-cache-neptune-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dcced428586d5c658c6d06f02558e785120656560c9a4da656ba00cfb75734c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-weywot-typeorm-regulus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84754f42b17c1cbcb703d768e1ec6285f9130fe174ec09e50b1b5838c78f7cca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mongoose-css-minimizer-webpack-plugin-spectroscopy-aquarius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a2a729962259a1b810fd5b3d3ebbcd7a38aca27aa52129940b9e07adc0b6483 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in thuban-run-script-octans-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41bcd540d3089d4cdee49cf3fc5e84101e85b4b10116b145f1f13927a252e045 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in easy-parse-async-xi-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dd6435fb32b846e888bf4ec073cb1121ac3787e29184213f76f831bbf3095c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in error-signal-minify-zero-index (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9de97ad293aa756831d0293ba26e692cc4a59e7f7ba970803c8b51ec783cb420 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in orbit-luna-indus-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ed9d865a656c770e023fe92f67cb64974da1cbe3fb0141834bfffd8c86df97b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in interface-iota-tau-optimize-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b927af0512416ad1b31f98ffedf703e447bf20dc26407cc26a66d63f8cf2a93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in java-theta-theta-zero-static (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de583b65b57ab9087f465b92bd3ee216f6f2f543c1cddc1d8ae174441f641f89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in easy-cron-secure-thread-sanitize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6d9a4e75826baaad3bfb8184f3a94bbff375967fdd2b655b15a9b74959d6387 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...