MAL-2025-188871 Malicious code in prompts-jasmine-wolf-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c4950e6676dcd08c2d832364db96e59567d89ab3b4af075fb7f3fc3b563b84a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188304 Malicious code in node-config-commitlint-panspermia-superposition (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e0aeefef00ffafa72eff5735fa1a8801352c9e4c828d148219678c1b24d15c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189585 Malicious code in solarnebula-nextjs-start-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a158f05aded8cc14a93cdd7ddcd71a02ef799b562af59a0981fea88e286fb34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189635 Malicious code in sqlite-oauth-quito-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07ca71d4114f8ae4468c127def1828c69d2b57565bf13761cb5938f72ffc59da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187179 Malicious code in global-docusaurus-postcss-ora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8df4f9814159eb8eac2592d283efc63cc900f4be3c84336bf15ee23c60433c6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187581 Malicious code in janus-remark-thuban-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 570155d095d3eae650688dc844681804d9c1b15d9b0f5ab29768d385d842d4d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188990 Malicious code in pyxis-hercules-scripts-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6a81f666995ddc6c6187d95530b91ea605e66fd4709f426879c3d30977691f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186065 Malicious code in centaurus-perseus-remark-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ce96f56e1b53ba28c31e4d27ed1b224358022b063da73e5cf10330319508792 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185594 Malicious code in astrochemistry-aldebaran-update-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f153e8f9ce57b26ed2021c54f7589a72b6eb21094b47c5a9c67c165ed436892 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186542 Malicious code in dendrochronology-test-markdownlint-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 367aecf6bc954214e27f286e5d8f5261d0c857e8add3e2abe083efdcd37cacd2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188998 Malicious code in quantum-computing-mira-volcanology-sublimation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed13dadf05282b70bd7d95e5d68f12f1c859b52657077d68708f28f54eafe677 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185562 Malicious code in ariel-semantic-release-optimize-css-assets-webpack-plugin-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e92e6e415fb780ecd55df704c9df844b75061c1af180a3ad3f6e2d6c0321a3b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186958 Malicious code in fetch-charon-callisto-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62550fec98515505f3376660a176a2b13482b88711b0022c9925a9b825e4fb36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186707 Malicious code in elektra-bellatrix-neutronstar-spinner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c4f90b5692e853c91bc5bf63fb6ee8aca89c7b606140be3793dc608467693e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189850 Malicious code in tectonophysics-sequelize-whitedwarf-ultra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6a418c5c79fe80c62d72488d51e495118660bbfd475cdb942da5cab826ad3c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187485 Malicious code in innercore-superposition-lint-staged-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7abd4acbba5b074836858ec5783011c447065694a29b8d590667f5c6cfee9cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186927 Malicious code in express-cors-dysonswarm-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d813d65a50244ad3649baaef287695f9e5c9fcf145c42566664a40f4d368e4ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186164 Malicious code in cli-eris-cors-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e21ccc4b2c62bf4c996a5e3973550804784a618256801ff24d7af79770a5a6c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189784 Malicious code in sync-decoherence-xanthus-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 302cb9295281a82475b3d087e5c9d61e6f97dff44cc081a850b4044c5e0991c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188417 Malicious code in omicron-enum-link-permission-double (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9804048589d4df4d871f01e83fb61ba2d7b918abd2ebe1ed69a6e045eedce720 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...