MAL-2025-189759 Malicious code in supernova-apex-brane-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab01d94b29d7aa233fe2d1e9f2120f984cddca8da4556a13b4db8bb3c93f429f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in superposition-nucleosynthesis-mui-rigel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 063fcb24a40b89768bf94bc97149458417097f11c41885bc62e4b401f180fc52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189090 Malicious code in react-bootstrap-await-vortex-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfe2df41fe79aa7d62e4bc1574ba393debd5f95cf7b85fa3cba47c2287f69cc0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188107 Malicious code in mongodb-cz-conventional-changelog-rollup-plugin-biosignature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b32ece2ef7ce06b92f4ca3800ffeba375ee8a9902c3e47cb0f2dbb8ad0cc57d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186424 Malicious code in css-minimizer-webpack-plugin-superagent-npm-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ec208a1d158e4c6d43500fa2e73288eb7c5b912b4a3684dfe6633d3d33ce166 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185484 Malicious code in antimatter-slidev-install-void (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f36ee67d3b0eff64d3bc613e4f77cf96c2ef826571257f8f7761c58e4faf537 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in inquirer-stream-metabolomics-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c23a7e6ffd07c74d3af2b189dddfe6e2c933e7ad9a7701fe3da4173ab05cc470 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190489 Malicious code in zooarchaeology-nodemon-semantic-release-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc86611ecc1d408557ed31ce6290315bef498929933479df9f8045b837679a11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186377 Malicious code in cross-env-atlas-non-blocking-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c136167139e7da8f2dfa597abcb7ee932a4d5968c1f94382ea87cc5b9e43128d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in virtualreality-abiogenesis-passport-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 216de1758c390287dbbb13dfbd2b313f02658117cb686365a5d236b6ffd10c7f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189303 Malicious code in sadr-dactyl-xenon-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db46a51c94a6c001ca87f74104924bd66b9a1470fc9625f9b6c2f34acf9295b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189412 Malicious code in sedna-jest-init-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25e29146ae9ff359dd96b1cd1b095636278686695d62974a2d5867e6a74edcff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mdx-resonance-cryonics-geochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7acea75af333e29d6693c967fecafdc79642a14bdd49af2ec3e0b2428ba053fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in glaciology-venus-biohacking-dysonswarm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e18c4d2789b1847ce358a1f55e64a4f09d66af5edb4bee3de6b30f7d654fa40d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188974 Malicious code in pulsar-phoebe-apex-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97e5c42f40f5c45ce556ed2565617986c5bca5b1f854d73a577665555ca50a2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in enceladus-sirius-radioastronomy-octans (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24f57bc69c731ec02e2811fda830912031459311f70ab51b01296169cfd7a5c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ophiuchus-bunyan-exobiology-biotechnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b06a1003fa24edfdf40c0933104e1de0372f879f7f6b843e6fe467b2cc24890 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tailwindcss-bulma-vuetify-zenobia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1dae4b6617c23b94996978d683edd81cdfa0c3dea5d59e4276843468c90769a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in umbra-jekyll-foundation-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c106822cf8e3fa26d502751c57e0f20c137335a06eaa078c6724cb7fa72d9938 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188878 Malicious code in prosthetics-janus-cosmicray-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bf23841069f26bd310036a3ee4214cbe31bba389517fbaaf7c661280e69a65c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...