MAL-2025-189089 Malicious code in rate-limiter-writable-dotenv-safe-geckodriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3665c39d41a5a94032ec0050cb7fbb6f9f77712de1214f36c8fa0b624f6c78b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189768 Malicious code in supernova-phylogenetics-terser-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 869b9375b776171d4f47ddce1c89cbe87af6fe96e7a7980e9ae061b7cb416a86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185739 Malicious code in bad-stub-key-fast-minify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6c2c8f6d14460407b52dec97db373eef1b32d2587cad3e6194362609b822c25 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in auriga-postgres-fermion-filament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab8e02ba82b0898bc0bbc8add1a4523f665ccee9221aa11a5577e629471b082e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in decompress-sed-sudo-index-nu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cc592a7a723dd856e9dde69428de0f664c7f8f43ef7b2cfe747f530b8260923 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185989 Malicious code in callisto-hyperion-dactyl-equinox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94f5fbb4310291c69ae8f62db97f4ea9145c9fcda4341d9b4daa0178186b0d4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187531 Malicious code in iota-aether-hawkingradiation-augmentedreality (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e0a7a9c4b6adbb29d416747efaefe914079d8722fce2307a0b32e37ccc5eb06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187918 Malicious code in mantle-asteroid-charon-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc19ae5a48a8eeab6ddcda9393877d6e8a6501c2de85c903efe8b1735889a1dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186174 Malicious code in cloud-star-parse-fork-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8952f1c640e356dec0fbec116b2f433817d877347505c728b5161b584a49ef99 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186975 Malicious code in file-decompress-gamma-wind-object (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c18eb3d3f0daa811ce492b9531635f4cef64f89da0a246e6005ed0a1dca836ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kernel-encode-benchmark-interface-virtualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76380f75d8ba6f59ab05dc5b0107949199b7af150de9616738aa35c5715dc30a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geodynamo-callback-less-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c4458ad3238e5de7a67c222d870ebe2709d938149bc1b8763330abcf4a23e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kinetic-backend-technocracy-archaeometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 441db525cc0b919f2d77662c5a7fab95e9af9fa464ddd5fbaf0397b903778a5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in comet-areology-exobiology-perturbation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac451f944be29580351eac0dccac375a279a8129179ac8cdb869585117c5f018 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190095 Malicious code in upsilon-sandbox-static-module-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78e533630891122508e162c5d422726d9d4e5f8d60c5a3411fbb538bc10a3d28 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189835 Malicious code in technocracy-neptunology-entanglement-whitedwarf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a714060d334a3130ad7599f72fbbeacd26069ba90c6a06c2bd81ea9eedcf8e07 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189489 Malicious code in sigma-query-interpret-phi-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3a99585f843fc934bcd70b362cd9255963bc313216a20084ac91a6471106bb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189731 Malicious code in sun-bad-assert-secure-protected (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d895d4b0345e91c1f17b7dcbc0cb8bd298eccd311b392650ae6fc5dc7c9258d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in delta-string-enum-thread-uglify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cdaa218fcf1da6962e6363ac39a9737390e281d97f094cb7660d1ec9e6b733d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in arcturus-nucleosynthesis-commitizen-ini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c059255ede275e21e5d68337bb9005b3814fb3f5f7d935ee2d55255bd2a1a9b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...