MAL-2025-187556 Malicious code in izar-mini-css-extract-plugin-hercules-nightmare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6536a29dfab966492b09b2edeb0b4ae69f3011304e1a35a5d640f66472abbb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190039 Malicious code in umbra-jekyll-foundation-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c106822cf8e3fa26d502751c57e0f20c137335a06eaa078c6724cb7fa72d9938 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186755 Malicious code in enif-zooarchaeology-jovian-extremophile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12bfde11491b202a9ef0e7d59f6c037b33c4a718db17f3028ae3c1c5a5ed5e0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188930 Malicious code in psi-monitor-old-hot-dog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06252f89b5ee1e7f2068a36a6609079029edd2ce863bc78470237c11e290d5ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190389 Malicious code in xerxes-perseus-antd-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81323bf2213ec382936f574183e15746e0cdd853bd816099879b73532eb5af70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187570 Malicious code in janus-enceladus-supernova-panspermia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c0d9eacb602968519228c53fe632ffea01a20848339c1332b7c1701c9be4f96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188574 Malicious code in passport-coronalmassejection-vulcan-loop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50b0eacc9625153c6f8ea0ce91170fe0a92cca5c46d7b2b5a14cded70fe59094 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188404 Malicious code in old-decompress-scale-throw-user (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ac07058aa278241320c2b4fc18a86d94746457ed24ac97143b47589a18f1203 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187849 Malicious code in loglevel-exobiology-eslint-config-rate-limiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd7fbd22a1e96b35affa0f148afd128f06a5c0bb44fb6a1ee53d15e319543f2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186424 Malicious code in css-minimizer-webpack-plugin-superagent-npm-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ec208a1d158e4c6d43500fa2e73288eb7c5b912b4a3684dfe6633d3d33ce166 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187608 Malicious code in jest-titan-postcss-loader-galaxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a277d7a2ceb2b1f9af71797414949b7377311b1cbeadc87adacedba54221430 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188809 Malicious code in prettier-registry-forever-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c9bee273ba762279ba30203b2a54d467cc3b01e489006d55110b49d433736a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186197 Malicious code in cold-cron-object-chi-export (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c60002ac5653229eb6215aa13f4ec5c490f97c72faf60b5a0be727c9092c4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186383 Malicious code in cross-env-geochemistry-global-juno (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6e07fddec6b4d867cf834c4f7492dbf165ce6c36307b01ccff40a7cf2c89ec4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187546 Malicious code in iota-simulate-optimize-tree-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47c722544b9359bb4bc6cef7b4fdf6d41f42371b1b8e0c2111cd18050e5101c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189519 Malicious code in sirius-phoebe-zenobia-babel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4e356e0189aeabe1d3533e01c5b8a0675f2e4f2b23acfdb7648ee90530adf9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188010 Malicious code in metalsmith-xanthus-react-bootstrap-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c249cc1d9495c472c96febcbb4aa5275a3ddc5edcbc067eb482c1e37aa6b7cb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186220 Malicious code in comet-perseus-andromeda-terraforming (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48aafdc9143f2f03e019398a2f17e8554586833012e56e2e3ea753d55afc6471 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187594 Malicious code in java-socket-cluster-decode-catch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91f9d43e44408d07d0519e14906a4ab844a8bbdaef97555ba604ada50af6e13d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188565 Malicious code in parse-key-lambda-new-socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35ed373476804d416dcd59b1c810994e717e5d31441177b19f2a9de08e8d2d8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...