MAL-2025-187061 Malicious code in fusion-eigenstate-install-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad639da6e793d2159b795fb19d5682182fa5314233b975d0b111b1a6bd1dec65 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186703 Malicious code in electron-pm2-toml-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f39fb8a9d75395b1785a187dc32fd7123d42ea214d0d3cd4f9526ff421b0a685 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187012 Malicious code in forever-iota-callback-vulcan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2f60f3a13bf834da1f6e7ea40da360ca3b541224c8dd928490733f69f44b927 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189039 Malicious code in query-betelgeuse-nebula-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 408daa89c70619dc90c25827b6f89e118cc4f1450ae3a3b7e834585362c6c839 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189015 Malicious code in quark-aquarius-weywot-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30996d68f5a3eaaa198028e609182507bbc8d9d2c5693f797f51dc0ec35e1c17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189284 Malicious code in route-await-root-monitor-nu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29fb642731ee8fc87309e75918ade51ddd54aab1fb69f028bd0f8a5656b0cf53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187953 Malicious code in mdx-hyperion-taurus-antimatter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d5dab7a7c597d9ff7f83c4f405d6e51f5f69a9246ec69aaf50097b1fb04c2d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186430 Malicious code in csv-helmet-dione-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c13660b1e5cd8242126ed9b1d8d9e9fd3a9430c6c23281cb67541a8d90eb0873 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189404 Malicious code in sed-sed-link-data-root (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ccc8b20dfaf048c261a0380b71cf6a30fbead7edbc4958b753a86208b3b9e4c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185936 Malicious code in bulma-regulus-mesosphere-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 281f479ece7de40bc39ab4a96afb7d0448b253e2e0d29cb27a021bc83863c1ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188379 Malicious code in oauth-zenobia-mechatronics-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09a302ded4491038396a7065140b8b3fd0cb60afdd87d680b8a4d45bbf1a26e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geodynamo-hydrogeology-ultra-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a25646f5279d706c1d9dd687cb55cb85561e38fccda1c0629ad76b46916f95c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189186 Malicious code in repository-heka-nestjs-mesosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 280a9a067b4d3a3569af0705929db53acb6d1cabc8a723c0f0e6fbe9a4024fb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188615 Malicious code in permission-resolve-function-fast-try (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 459860edf67e24cf65eba1b81de8a35d10e8de00a10c131af68c3734515c11af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185605 Malicious code in astrometry-postcss-loader-mineralogy-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca444498c36427713db81e6375390896a4f50a84c54ef6a52a73cad76ca35971 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187611 Malicious code in jovian-less-loader-draco-wasat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94189a4b8068d471674545d9a9ea66454a1547bf0c8fd73e8f0180d9b2200d20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188196 Malicious code in nebula-await-paleoecology-grus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97b549d90567ac211cc5c3b056b1542850ce033df28ab52a5e0600e273d3a9dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189870 Malicious code in terser-webpack-plugin-andromeda-zenobia-pavo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1353b216b9be652df251b86f5fbd1ba87fb50094ee212a5f9118d884dc328d7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187232 Malicious code in grid-mu-cloud-signal-cat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cdea576c0cd2686520489649051a2de7c88148b728550acd1d2f5516422c9f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185939 Malicious code in bundle-alert-runtime-private-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62c8caa3aa8ccfe49e936067aefe3ab052ff9b38de21448ed8dd888dcfa7bea7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...