Malicious code in scorpius-gemini-ionosphere-odin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58caf529580aeb51398d73880496f218ffb439bc6ff6cdea588b6fa00681ac25 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meissa-duplex-request-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bc9a8d56bd914325daddf0f1c5c1d6a1d44632b799c474ae33e71c334883104 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mui-xerxes-proxima-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1c12bceab74b6419a10feede58b31581319ad3c2259073f79ffd2d6f2445171 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in passport-coronalmassejection-vulcan-loop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50b0eacc9625153c6f8ea0ce91170fe0a92cca5c46d7b2b5a14cded70fe59094 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bad-alert-long-container-mu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d6513c98d72ad1bdbdce3ec34a2d8da4e0b671dfcabae5f29fe5adebfbc0de6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helios-cressida-biogeochemistry-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0768619dd13d60c867707b16965714e491fc15a027c1e3dec26fee22674eabd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dagda-pulsar-redshift-remark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01eb7e5dee33aa92aeb7c166125c8a2a537b2b75814637049b7ce936ca515d24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ariel-xenos-dione-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db83500cf3a16dbc3ca0c22ba4bff36c9de611ba6a892a7bc8283db3e81e976e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in grus-prosthetics-stream-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8349dbfa155f2d339ef3fd2ea67bde24011b09acb828ba410014298d1394d52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chariklo-babel-postgres-thuban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 393b5965a6937405c9e5c9fcbd04f7ceb4037d5f924bc82461abf50350ff323d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in public-final-iota-upsilon-array (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df5b112f5906a2a0cd00f09c3c6173c301de7c42a79c707edaf7e7b5470c38d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in radiometric-proxima-ophiuchus-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42e4cebbe5b73c636c28c777ed6499e4fb906fcc3ffa5a700a0f16cd85821770 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in polaris-typeorm-carina-solarnebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cd39e7155d8520a5724569d8afb03405c8267596fb7bf5b3a99361f880220d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in publish-magellan-magnetosphere-paleomagnetism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fee2dc3ceeab278bb8c4c5fa3312ad51340599245bcdf8b5de8eeb28e8d9bce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in enum-interface-grep-reject-debug (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9747adeee551e390a70f8a76ee111fb487d01e20f50b884d50ee6cbe5e0d4f3b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187457 Malicious code in indus-cybernetics-prettier-plugin-markdown-pavo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50342f66aea54d13a2bfba5a8069396f221e278212a13e5a0002e74b7786f422 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187122 Malicious code in gatsby-fornax-nuxtjs-vuetify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17493a8c27f8742691d5fb50ff801a6a531114bb0524fe9605d6af16d32780de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189979 Malicious code in transpile-new-cache-iota-quick (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c5f768de28debbd6b75b7ca7af27a0d76a8d2e252a57dd227893aeb559ff981 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185473 Malicious code in antares-procyon-xenon-solis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7abddecc25f1220eeceabb1fe7418b88ec3fc540c529cd4130cf53050d96271a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187342 Malicious code in hermes-child-process-apex-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a281ad403ce48fe80ffae106c96e750395afa994deaa511034c881291b3f006f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...