MAL-2025-185655 Malicious code in aurora-nodemon-whitedwarf-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd97281221fe89d74fd42bfb63573c9c1be04ca2dd3dff73ddf81fe566bffadf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190075 Malicious code in update-dorado-farout-draco (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5519ec1d8838352fb2dfff226a2121434fb340e7e6267d41cad435072182acc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190137 Malicious code in venus-dactyl-publish-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00e0885c4752a431d7ef0c7c486161540c316f43b132e783036e81bac58c1dc9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190233 Malicious code in wasat-foundation-webdriverio-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efd9a86d6be17cbc44f9dae6883bbba2e3a38738aaf80a503bc35aa86bebe5a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188934 Malicious code in public-bundle-class-iota-thread (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03445ba8a939ca18bdd9df7c6eece70c41c352ef40c472e0eb55792092510cd0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185431 Malicious code in alpha-authenticate-serialize-long-try (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199def465b170141e797244332a927dcb36e3ae277b1a2ef1f33c77fd984bd0d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in update-proxima-isostasy-archaeometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ac93addf5705ec6be9762a965b872ca031400f21168925e440d5142383746b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188401 Malicious code in odin-nightwatch-singularity-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d3c3514c74c10761cf5de7d75f8f020b9df8cedac55d8dd56c69d1470045cc7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186476 Malicious code in dagda-technocracy-commitlint-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a5d983e33879369dd931cad741e8149906dfd91e5b8a8b102b534b4b2cea15f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189805 Malicious code in taphonomy-neuromorphic-cressida-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12c3f8ac8424eb2fd06c7645a3bde838a9dc858cb027eef1fa0343a1bdc4319b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186282 Malicious code in configstore-centaurus-writable-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b4d2836adf3fb394b565c00ce08f4b87b9bb6ed7d0f8a9228fcd46d24a9735d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187552 Malicious code in isostasy-meteor-passport-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5750188ffcc6bfec77673e3a538523e10dc0a5ae302b71417fee0574355e6209 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186606 Malicious code in dorado-hexo-sqlite-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a4a93ae9c0b359cf320351a3af5fd7016688cc60265a5c221a86d43cd0faad3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187873 Malicious code in luminescence-chai-cryonics-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 989540b879fb299e0397665529c72e3ce6741ea1e975f756eb06854b13707b44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185850 Malicious code in blazar-quark-publish-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6051df5e76609f10fbecf1f58e20ad09d8098ec4fed4723d9a81bca13555b27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in report-new-runtime-sun-user (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f170b68394d1a1d0fbcaf0ab60fa7ed7b0e077c63d9823cf2922b7bca42d9aa3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187021 Malicious code in fork-omicron-socket-easy-array (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09dec83f01fe45716ab73eaf8f7a24f32dbc73e07c2b87df02a03f006c0a81c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188542 Malicious code in palynology-semantic-release-pulsar-wormhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34206c99211389792c4d934032f76e4292094dac40215fc8bc1353575dcefef7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cluster-magnetar-leda-scorpius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efac9c5584d5f9d128d2ef5be924c45f05b9f99c926ec52dd6d63c49abc7e2b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190205 Malicious code in vulcan-delphinus-protoplanetarydisk-gatsby (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b24d971495291e83f1b4c4e45bbbcca2ecbe2a09313935b9aa7b391db4d8be1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...