MAL-2025-185614 Malicious code in async-cressida-umbra-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d16d7f344a284484ee4c9862dd2dd6ac94ea09769be191bef503fb4a7288385f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189638 Malicious code in stack-authenticate-boolean-compile-kappa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9745ec09c2bab1bc9a6763f2917d29894ffe39f12ebd0c3511c243130dedf0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187366 Malicious code in holography-commitlint-xml-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2eb59ca534b23129e0bf53a8b51be5dc5a21ab32c8f17d2cc49aff38bc7718e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186834 Malicious code in eslint-config-geckodriver-algol-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb91f3db2f6f339619f29bd1ad8766449fbb43717aef0c7e9130729b1287949a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190039 Malicious code in umbra-jekyll-foundation-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c106822cf8e3fa26d502751c57e0f20c137335a06eaa078c6724cb7fa72d9938 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in darkmatter-gravitationalwave-less-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60169f4539ca2dfd27fe10bf32020236f1d4b0106bec0644fa577812e0362eca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189352 Malicious code in sass-loader-castor-prettier-stylelint-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36be8c6e53454c41e44313eec1651c6e1d576f1ea1012f52e9fa79e27af392d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186578 Malicious code in development-outercore-neptune-singularitarianism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3a9ad1dcbf47720dfdd87f637ee8939890ae4c1b9d6ad6d72da161239249d37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187976 Malicious code in meissa-steganography-helmet-yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 063f1e0ad2c70958a4aef76f30c704044b1b584c2eeb5dccc001e746c7509ade This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185937 Malicious code in bulma-titan-axios-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aefa58ff6412b2a7d3639037d582e5057b746e53319c75443b3aeca613e7b575 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185454 Malicious code in analyze-signal-bundle-query-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e9ac109472152832caa800b02a3b34b918e75736ec1e24c065add9391558992 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186400 Malicious code in cryovolcano-miranda-blueshift-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59449acb4cef3d9ad47b88923f58647f07f720c187506505b15d912c13c9026a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185478 Malicious code in antd-node-sass-zenobia-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1a6abf162f2ff33e0e531ac0bacacc886441b2faaf429aec9919956afcd7939 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190387 Malicious code in xerxes-nuxtjs-enif-superposition (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a3df68c1dbb342fe2e72f7fab9e48410d45a2321d9e4454632ee3c0f2b8aeda This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186904 Malicious code in exoplanet-izar-superposition-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886be052250c8da22409a509f63c9e24a06168838b56a8677333e16aa414e897 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189528 Malicious code in slides-convict-husky-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b69738a724e0092e0205d6285478e0784c458bdc90564307ce801699beb7d7fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185992 Malicious code in callisto-module-module-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 356ff25afa3f90e1c8c9dcc12dbc8a9ac87666afec50cb83e076db197a2abac1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189147 Malicious code in reject-book-catch-module-short (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b8b14b5a95ce44e95fff509182c83b828055877000a05d9e7b4447abe77c430 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190106 Malicious code in ursa-eslint-gemini-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1630e5264385a9c74585ac7083a4b36aafec62504d3d7b3b68157e82eb2a04b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189555 Malicious code in soap-membrane-thermosphere-eridanus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 170ea9563c8b172d76653b10f5c52e414d07daad6ecf7e43ff3f1cb6a7feb60f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...