MAL-2025-189266 Malicious code in rollup-neptune-webdriver-manager-eslint-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9641ae1a94bc9e9e2736447da0d80427ac96de8cf3e3560ab39d02c7194a3db1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185454 Malicious code in analyze-signal-bundle-query-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e9ac109472152832caa800b02a3b34b918e75736ec1e24c065add9391558992 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in library-capella-tectonic-child-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aad6929a0d0d976d5d901ed69745f745aa60c1112cc89324dcf4401cade4b817 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186015 Malicious code in cassini-pyxis-proxima-isostasy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ee145f91f029367c40892d60c12537ef872ce0c03862342747ec9269427cfb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189249 Malicious code in rimraf-webdriver-manager-impulse-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5fefd7243462f1f8ccba07dd065e1afd7207e0a92494699f6c4e5e02d331673 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tectonic-pino-pretty-build-elara (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c0bcd2058f31fec7229382d839c7ab77d7171eb0c186dc44476d099d33ed8b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189528 Malicious code in slides-convict-husky-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b69738a724e0092e0205d6285478e0784c458bdc90564307ce801699beb7d7fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190221 Malicious code in warp-elara-leda-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bba8246c9cb10c6c1adb2dad15906b9bbbf45d2841b4b415083c739160e1e80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186077 Malicious code in chai-got-pino-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d4038eb99c7a3c61857cd8ea91f7024e5f1510152d4f3c6577ad77a0bfbd3b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185693 Malicious code in await-float-optimize-route-omicron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8e098a6f9822425661851047a431e132cc1cb8d102b241a0dd8972f13b4bd22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189041 Malicious code in query-relay-tethys-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af189cd49609d81bc49a9a98f3374b67f49d0ca9a23076795f45d4ac631782e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186904 Malicious code in exoplanet-izar-superposition-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886be052250c8da22409a509f63c9e24a06168838b56a8677333e16aa414e897 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in global-rollup-plugin-lightyear-thermochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cc57f45ae1114a1d5982e809872dccf790990097759e1326399fb0c4f9c9805 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186954 Malicious code in fermiparadox-helios-pyxis-astrometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c4110ce456b0d3ee05ab386cd882d362726708a69daec5cde442abef8ce9a9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188433 Malicious code in oortcloud-zephyr-kinetic-acamar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51b32d3835116fa51b0ca9e1a21f2e8ae7dbce3dd0ea885e925e6b8237c337bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188644 Malicious code in perturbation-technosignature-pino-cosmicsilence (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0632933a35c46b3f196316eadeb2fdae0ced3d31736337c38ce07b478f2385b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185614 Malicious code in async-cressida-umbra-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d16d7f344a284484ee4c9862dd2dd6ac94ea09769be191bef503fb4a7288385f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189428 Malicious code in selenium-avior-antimatter-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42db6c042c566e179df6a1d7dedd3a0cf140b367c1acfd4d03ed2f557fe89d41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187366 Malicious code in holography-commitlint-xml-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2eb59ca534b23129e0bf53a8b51be5dc5a21ab32c8f17d2cc49aff38bc7718e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186465 Malicious code in daemon-function-throw-file-dog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5a73e261a4f17a185bcca6a3ab3abc503be436cc2631043966eea2b64c29a97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...