MAL-2025-185439 Malicious code in alphard-fetch-electron-builder-levels (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e9630f529c3a2decf0296dc89c233694d4d75a41419bdca5403cc0224582f52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186137 Malicious code in chi-mu-socket-cold-small (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0c962890667949b1dda36ebe56787555eacad6d8b589542c2a0f944f45c3d10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186282 Malicious code in configstore-centaurus-writable-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b4d2836adf3fb394b565c00ce08f4b87b9bb6ed7d0f8a9228fcd46d24a9735d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190038 Malicious code in umbra-iota-graphql-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0216011a857c745443a164b8b961b2825a42498fd66c95b1ea56899885b894bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186351 Malicious code in cosmogenic-genomics-scripts-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ede3ff97afc807cd5b2f66f1660a934b572b18c219fc1b17e91ba7f10e09e5b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186830 Malicious code in error-validate-refactor-byte-lambda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e7990422b33800950f82b858c49bc8d9140dbd49c020770a8373607ea132679 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189351 Malicious code in sass-loader-canopus-mesosphere-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfd6bbcda59d091061be1dc396ddc1689c6765b89ec42a4abe98eb51e16a4fdb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188278 Malicious code in nightmare-start-meteor-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01f618ccad5555d0a076b5f790e8c22ef5540f29809db86a35b06261b90dc6c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185514 Malicious code in aquarius-jsonp-technocracy-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ad13a1237202f35a96aa28cc0e5f19e2695115dc612673306cb0f2cb530f758 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helios-cressida-biogeochemistry-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0768619dd13d60c867707b16965714e491fc15a027c1e3dec26fee22674eabd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190345 Malicious code in wormhole-passport-norma-gravitationalwave (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83cbcbb4ec803511eef9b4bcd4ae8c312cea6bbd76fce98f3301f4509618457c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187008 Malicious code in fomalhaut-venus-pavo-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 329c73a08e9f3032f6b513ae004fb488440b7b7fae9069985ce5d0cf7d9d76f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189960 Malicious code in tool-webdriver-mocha-prettier-axios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0202e0c6d5116df45f3fbcb466f9f4469417db5a0a3a8c2d51725d491a76e674 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in planetology-borealis-nashira-celeste (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee1f23cd13d09fb85a31f2ed20db00b1b9f7a5eb92eb83ee2f61400026501226 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yaml-cache-sails-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af495e448a44b27ba05a7124ae72a767dbc8c0ee4b614c3f1fe4155da6a49a1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenon-release-it-telesto-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 156c3f239097b5a3342ea65e94f1f7759096530b2c5377c81f15266c47ac3366 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in centaurus-quasar-module-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a29e050252b3c774ca548dd99315e0f8c4a20a46b58ff9253a699a09e756ea1d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nucleosynthesis-neptunology-spica-stratosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eda83e4bc64b5fe5829462248eb9db1a8ad23495c0f75a0a84658b7ff95c8f99 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stratigraphy-archaeogenetics-pino-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c8b8215edc8d75314fd70706553211c18d60e357ddd2ba33d98c9aebc7bfc32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in whitedwarf-fomalhaut-nodemon-pipe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 485383a1d4793fa4e99c507b8c6475dfc9bc9e56e6433a5eb09c6255405a640d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...