MAL-2025-188809 Malicious code in prettier-registry-forever-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c9bee273ba762279ba30203b2a54d467cc3b01e489006d55110b49d433736a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187608 Malicious code in jest-titan-postcss-loader-galaxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a277d7a2ceb2b1f9af71797414949b7377311b1cbeadc87adacedba54221430 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188530 Malicious code in paleomagnetism-process-rigel-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 806c222b404c6835419bb2dc3e3292a0bfea544dc0e55b7579ef348d91329803 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188847 Malicious code in procyon-planckscale-steganography-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39c4d37fbf13255886e12089e56f22b61d91b3bdf0777757e8525a23c2d66b5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185868 Malicious code in blueshift-toml-bellatrix-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba781ce6e21bc8fd259330532a0851175ac241caef9ae72c818ba96369dc9688 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188134 Malicious code in mu-slow-star-promise-eta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb9206eff6650a994f2c98e32fadd91c33b7fc08c2063ec41f3f3306a68044cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187300 Malicious code in heka-antares-vulcan-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41c307536c58204cd3b17873413e4c2936eb8555c5cc85cafc399332a5578418 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in deserialize-rain-stub-alpha-socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fe3e3ccc671a2079a03fbc27a83e769b85746d020ff909b6623c07efafa20d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185948 Malicious code in bunyan-radioastronomy-interstellarmedium-outercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83cc54e68d097377490b89849ea3a8203a0b8b2af36ff8e9b2ab0361325f59df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188089 Malicious code in mocha-neptunology-flare-galaxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6d37bf0614ce1300b08987292992ee91266002a191b2baf94fb221bc877a9b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189894 Malicious code in testcafe-chalk-magellan-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0defc1c288c0f0de3ca469123bec775b3116760a84b9dde2403275871040b7d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190204 Malicious code in vulcan-astrobiology-wavefunction-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f48cd42be9a2a6be3b8e905ae225912535c292dc4b693ff78a5278eacad6bb8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186723 Malicious code in emulate-private-alpha-decompress-view (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a73cd7def8995cb1c4f464021cd52d52ea06de08bba825ef6747549710d415d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186123 Malicious code in char-hot-import-public-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 354febe792f16564c5bcc92ba3e4c54de0a806e5195e3c623a630ff0b9ebd844 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188581 Malicious code in passport-selenium-terser-webpack-plugin-juno (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602abed684a5ea387f7fc7198fa8757800994812e6e03ff63712b6dbbfb3e1af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187594 Malicious code in java-socket-cluster-decode-catch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91f9d43e44408d07d0519e14906a4ab844a8bbdaef97555ba604ada50af6e13d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185538 Malicious code in archaeometry-rollup-plugin-astro-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dcfdaa9a4222852d826a3e0212b6a3584a79729124a8ff9ee1178222bb3de18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188565 Malicious code in parse-key-lambda-new-socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35ed373476804d416dcd59b1c810994e717e5d31441177b19f2a9de08e8d2d8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188928 Malicious code in proxy-process-rho-chi-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcbf9b30ea0fbcd0b34c3091843c49cea3a14ca9545d7b4ab2def8a21e698b4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190229 Malicious code in wasat-bioinformatics-leda-bionics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 192934a7bd925fa500567877d6a6fd5bd374d487883343d85cf3d39fcca490a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...