MAL-2025-185593 Malicious code in astrobiology-sedna-archaeogenetics-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3df4d0495e148fbcdcc1cda0675903dbfcb6d71102f2cf4a590110f50a21230d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187503 Malicious code in integer-pipe-beta-orchestrate-simulate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e55447a68009d0b9b6fa757453f8b249946f97b92a5891a39a495e91cec4d3a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186013 Malicious code in cassini-html-webpack-plugin-loglevel-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c9033f1763d5ba00b031a7c88ae9daa1fa6d813e089bdadca8c7150998d3917 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189284 Malicious code in route-await-root-monitor-nu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29fb642731ee8fc87309e75918ade51ddd54aab1fb69f028bd0f8a5656b0cf53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190380 Malicious code in xenos-nconf-aurora-redis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3becc1558a04e4d28823447dc8ebf2bb654650dee47d902b2c138cf0f0d3ba20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185620 Malicious code in async-gridsome-xanadu-webdriver-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a279895093e63b7653ef1defaee79c1cb92b45475d3a6c650d3ca4ed7a056fc2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186509 Malicious code in decrypt-info-meta-table-big (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be4883bdd1cd22e99353350c8cdb2c98e0bd344ac3801dc0999b5d205d66f663 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187611 Malicious code in jovian-less-loader-draco-wasat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94189a4b8068d471674545d9a9ea66454a1547bf0c8fd73e8f0180d9b2200d20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190041 Malicious code in umbra-octans-ablation-deneb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b8978bd923183b2f8c2adeb260b1beacf5596db8503a689fa02d4d665279a18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186344 Malicious code in cosmicweb-sedimentology-ignite-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 244a8086b97b3e59695f91b83a0a171f8762ba34756d6ee338d98344eb1b1b05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190285 Malicious code in webdriverio-vuetify-antares-wezen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec458e52a9b2de78104cd2be4d4519b5b8c449a2cbcc9ea5ba651143ee5dc1e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186456 Malicious code in cz-conventional-changelog-selenium-xanadu-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cf8b961eeba9da8ef4f127b78faa308dd817dfdaa64410081587bb7108e7317 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189035 Malicious code in quasarjet-cluster-ionosphere-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0335cb0d12622e1f9f0076cdcad521feb0e990280876f4d6ac17052fb3f76185 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186430 Malicious code in csv-helmet-dione-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c13660b1e5cd8242126ed9b1d8d9e9fd3a9430c6c23281cb67541a8d90eb0873 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187172 Malicious code in glaciology-nconf-eslint-plugin-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dd9bb4030c257a4e22a70c445b7bbec7d468e091211d5f691bb80ea288ee8ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190295 Malicious code in websockets-hawkingradiation-redis-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 994bdbce332e280e57d34568b49bd87cad47f442aed60864ca334d072929e08d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189491 Malicious code in sigma-try-deserialize-slow-omega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa134277639263f6619b38cf6bbfcabf6eb3a6b0fcf40df08f3f58df3e53a0ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187164 Malicious code in geodynamo-radiant-slides-bioinformatics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 803477616d2db87dbf10021a7d12ebbb625a2f2e245778328bd791fbc371b248 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188399 Malicious code in odin-lepton-superagent-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9097df2563b7ace6111f9eb81ee7999917d9f30b57bc2a877dc879f5d0d1577 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186720 Malicious code in emulate-catch-file-mu-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 780b4f9548afe60317b667414bbc56a8f0601ac37ed12885df88706ecec718ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...