MAL-2025-186344 Malicious code in cosmicweb-sedimentology-ignite-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 244a8086b97b3e59695f91b83a0a171f8762ba34756d6ee338d98344eb1b1b05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190285 Malicious code in webdriverio-vuetify-antares-wezen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec458e52a9b2de78104cd2be4d4519b5b8c449a2cbcc9ea5ba651143ee5dc1e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186456 Malicious code in cz-conventional-changelog-selenium-xanadu-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cf8b961eeba9da8ef4f127b78faa308dd817dfdaa64410081587bb7108e7317 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189035 Malicious code in quasarjet-cluster-ionosphere-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0335cb0d12622e1f9f0076cdcad521feb0e990280876f4d6ac17052fb3f76185 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186430 Malicious code in csv-helmet-dione-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c13660b1e5cd8242126ed9b1d8d9e9fd3a9430c6c23281cb67541a8d90eb0873 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187172 Malicious code in glaciology-nconf-eslint-plugin-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dd9bb4030c257a4e22a70c445b7bbec7d468e091211d5f691bb80ea288ee8ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190295 Malicious code in websockets-hawkingradiation-redis-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 994bdbce332e280e57d34568b49bd87cad47f442aed60864ca334d072929e08d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189491 Malicious code in sigma-try-deserialize-slow-omega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa134277639263f6619b38cf6bbfcabf6eb3a6b0fcf40df08f3f58df3e53a0ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187164 Malicious code in geodynamo-radiant-slides-bioinformatics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 803477616d2db87dbf10021a7d12ebbb625a2f2e245778328bd791fbc371b248 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188399 Malicious code in odin-lepton-superagent-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9097df2563b7ace6111f9eb81ee7999917d9f30b57bc2a877dc879f5d0d1577 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186720 Malicious code in emulate-catch-file-mu-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 780b4f9548afe60317b667414bbc56a8f0601ac37ed12885df88706ecec718ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189039 Malicious code in query-betelgeuse-nebula-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 408daa89c70619dc90c25827b6f89e118cc4f1450ae3a3b7e834585362c6c839 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189875 Malicious code in terser-webpack-plugin-nestjs-umbriel-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce5383d1d73e04c37c0a2d6b250a999810d40f5479e51250c1e31ccd8bde1485 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186884 Malicious code in eventhoriz-yonder-heliophysics-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6dedf6a6be5b51314918d364f88bad64cd52afe94c80b323f0154fa6759ffd5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187904 Malicious code in magellan-hyperion-gridsome-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02a5df34c1f19de7677a58006bccb59e510052f7e8102d6f117af9856b778f23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187907 Malicious code in magellan-vega-phoenix-hydrogeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f2f66ecbac6b74c3a512bcdb85aaa1cb1f53a2ff5ad66a411a8b5dcfd3d8bd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189626 Malicious code in spinner-cryptography-acamar-elara (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1062828bf86ee46897b6ec3fdad22b6f8d2f28a798fbc38016d478935ff78ca2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189015 Malicious code in quark-aquarius-weywot-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30996d68f5a3eaaa198028e609182507bbc8d9d2c5693f797f51dc0ec35e1c17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188449 Malicious code in optimize-css-assets-webpack-plugin-pm2-lyra-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 741161c1e5697b9ea2854e1e99a994a7948792bbba257c3d30130fd110051d4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188213 Malicious code in neptune-betelgeuse-halley-chromedriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0d3a2b6835a2e2cd78eb315d5e4b82e68d0bcb3840274c62bda761b9496ffe3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...