Malicious code in local-terser-postcss-loader-eventhoriz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34b65bfa47dbfe04c6f4b072ca313e3d49adb15a955a7b43a2c1fe3e2dee460c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xi-minify-bundle-sigma-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0d9afe7d7141055c0838ad1a3d5294b15a110475b4a168a1ba8da29c0f3f468 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187141 Malicious code in gemini-joviology-sedimentology-buffer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95136669cd1e8b6d87622527db48cc78b70658c9ac9f9516faa74e882d1300a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188757 Malicious code in pm2-dorado-lithosphere-gravitationalwave (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd0bf0122bf53ffd695ca74ef50913f10924601962d70f7e2efee47d07ce23d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187758 Malicious code in less-loader-rocket-adonis-kronos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb348d5f9f6c382b7097d3a12d16dbd64c584ad9d700b67e646aaaba37f84a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188516 Malicious code in paleoclimatology-paleoanthropology-supercluster-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 114299ae42480cd8cb10431aece2c344ccac5007ab717c6b1ce22ddd17a28a82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186735 Malicious code in enceladus-oortcloud-augmentedreality-cosmicsilence (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1be6fc81215391cb9e6519837e991bedfbd60da09c93eed5f1cc8fa4dbf37cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aldebaran-halley-eris-rollup-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ea1ee1c5006e870f575cd778508830625614ac4f6ee77b64e52cd1cf8e291c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eslint-config-geckodriver-algol-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb91f3db2f6f339619f29bd1ad8766449fbb43717aef0c7e9130729b1287949a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in selenology-zenobia-loglevel-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d2c2038273686ad4e4c976e60b166c18b1148952183ab5873e7216c6dc12c25 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in transport-technocracy-geomorphology-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 061f2f2422688244ab4bd302d32df2e932b85bf69b5dd7bd0ed0e5fe08dd862f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in venus-epimetheus-halley-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5d0ce58004f4853ebd835af1a1ca2e27dcc4bb1b1cb75811f3bfec1c331fb9d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mongoose-supernova-transhumanism-gulp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f080f91fc223896f4b99c2ef315f355058984fd6c7ad8f2a112c9c4f169b8e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in config-event-install-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53b410cef5e278f40d1683c3c77135d349c9f67e0537b356d77f55cbd71a3c50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jasmine-metalsmith-schema-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a67d95657794543c0c975eb63112589e29b6bcfdff3feed460227a8b21843de3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in upgrade-quantum-computing-eslint-plugin-areology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65f24884b7f8123dd633e86819d246df7e79be71c3680536de53b2cdce89ba5c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in new-decode-process-orchestrate-balance (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45e27d28f9ad2788a67a1929e3d71bef664870e512e39baceef376995e2cc8eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in decode-info-new-finally-new (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3950f1595598eee2e1fc0c8562e4c8079ca413a304be306695f1846305db67de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in husky-bulma-nebula-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 029de86705f76c06a577e00966fac5cdab3d36021be7d50cec1844bd03f7b785 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cross-env-native-centaurus-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c6dce8f7485566682baf52e3ddd7d582e7a2d2645f17719277ec2beaf0b8c56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...