MAL-2025-186928 Malicious code in express-proxima-websockets-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ee0a304fa501650f89077e1daec98bbd0bb5ef6a4cceac9cecb13c6ac45490f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185671 Malicious code in authenticate-scale-analyze-book-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d038c7d079b519f31ce6b09657db6765d1d0007fe0b8bd295d08d7806e81e80a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185387 Malicious code in adonis-prettier-stylelint-ignite-magellan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52c2dee72f106188a0ff5e17a762bbdb0c03f1132107e86b7618d5761be4e285 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189543 Malicious code in slow-data-moon-object-serialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1c49854e181d4118e50a6f9910fd6b567e67cd382a7ff14982b0a228063d3a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186725 Malicious code in emulate-sudo-query-balance-air (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40e4eec2a59cbcdf3ec68a88c1b19fbd9aeb9ce1cb89ebba9c49b3ec09e41ac1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185629 Malicious code in async-readable-solis-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0388ca8191409c46f403905e1df713eb28f31fd0df4c0cc77ad8d8e90a71c25c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186860 Malicious code in ethology-paleontology-nova-archaeoastronomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce92a1a93eef7d8d5c677d88ca01e75f87b3503782743b8c6e058a738644aa75 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186547 Malicious code in deneb-juno-telesto-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33bae7e16402e2f9c25bdb4393c7c91edbd242e3766f9626e46b527e7e400a2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187581 Malicious code in janus-remark-thuban-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 570155d095d3eae650688dc844681804d9c1b15d9b0f5ab29768d385d842d4d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188411 Malicious code in omega-big-zero-export-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6452494d4a91b262c8f8c973f098395e47d3fd525719d07e2c95a4915fae749b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185447 Malicious code in altair-genomics-firebase-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d94b29e9713ad4d380989b0c0e6cdac4a84cf8357cd6849a4b7ebd32e68c9b50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189752 Malicious code in supercluster-vortex-blackhole-ultra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a840cb750914a2d75e4627c09a5d65fdf3f78ccd08344dfc9f366053fad4d11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187014 Malicious code in forever-regulus-hyperion-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e2062bd268855000f106c9a6f105144d5b14e41d4f378ae8cec59bd4c875dc8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nu-double-import-theta-old (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cac277cdb2603c0d0004386887eb6afc11277f7f1255244070b236987bb24bdf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in import-uglify-shell-assert-key (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d50bd88fd1544b70a1e57fc9c10d6058a210842a8d2f61d9caa28c034c05fd7e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zephyr-yakutsk-update-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4056139ea2e6931e54f1dbb6be8565d9c94ad19a8e4cc44520c8df7a00ac25f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187266 Malicious code in halley-eigenstate-baryon-gatsby (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6305f8cb03ad275db307d48635591f959125243697c79edc5eba8a7fb0ab3ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189414 Malicious code in sedna-nextjs-baryon-ceres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c372bfc802c3d8de2a8e6f537654c60617806df7468bb0d8680d7c951323a61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188980 Malicious code in puppeteer-geckodriver-redshift-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13eee7e60a6dfa0e4c6b1091d856e3478c1e254bac890f6a2f95ebf2ccb71ea6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in toml-terser-webpack-plugin-process-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 108235f2670a8c48b92eae1fda9fbf2849586da19df4677671f9ef5128bb5219 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...