Malicious code in bad-grep-web-private-cat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1d19046a243867da27ff2fbe8d4c548771683ae883e3ca87a73b415622faf09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in final-uglify-decrypt-enum-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51cf34266ad37aa88ee54ca8fef0e48089c1c23d25a4a498c6d0188672152636 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in exec-proxima-ophiuchus-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b09158f6d460d1b85b22dc0e801b0489afa54a047d31b5575832b9be64e623a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in server-child-process-cosmicray-extremophile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6316145b0472d0c005490d4ef43f0176b634b95ea76538471807b19d36ad73a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in string-epimetheus-neptunology-vulcan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87799b6ccfec3c2366bd5ed81d245b37d7001448ecfa937c6f2af98929640806 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eigenstate-auriga-module-chromedriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 939bce452be9f38f47bf7adba1f04636244fa890ff50cdd36a91f3c3e80598d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mysql-fork-pavo-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 238d311463f574170c5184cf88b55be3f9775159d52d35ba3b1353ef03901c60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188764 Malicious code in polaris-octans-bootstrap-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e794a074d4ebf53311b8c15ed0a7590b87a6acfd2b98471fc90e6b52996200b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biosignature-spawn-slidev-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08678df57d0faab58f3bdefe4aa354744ee16d6eda67bc9e6e1f9b7178654520 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in boolean-xml-encrypt-hash-enum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd5608c9003bb55183a2e3474b02ea988d7f045adaed0bb38d6ade8995426525 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cache-less-venus-supercluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 659212101cca38f059209e2f0da10a24d153b7169e257a5f1253c0a48b3eba05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in encode-promise-cold-awk-easy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 770b733289ffaeef1159c7bf5b8359c052e3f1e56bc9361230a958eb4d3d4a34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in heka-centaurus-nodemon-hydrogeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bf4c5450abbd3567bd61e8f6a80976123a5fa4f46e632979d964711833faa7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hyperion-heka-promise-taurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50eed8421b312d177df2e30c8a1f41728b0d0ac4647908b74f9732d47c0c082f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in install-geckodriver-blueshift-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2240b015dcaf28ec92b8a7042872a396aca384419b7482b994f0efd2493d68b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-pdf-mdx-build-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed5368d721e6688cca2df4ecc49dce2acefe3054c59f7825db20785e9cf725a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nconf-cryptography-paleoanthropology-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8375332da92fc519c44a3234f51bc3152ffafedf0e05ec57d11f6f07e55f08d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in neptune-acamar-exobiology-achernar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52eb98f646911d61e3014c13b6acf805320bc752bda68d07adc39cea18b128b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in object-chi-yaml-authorize-zero (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34beeb136dccab96c3b1fb568433900d04536d8ac74ee3478fa87a4b3bae1716 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in permission-resolve-function-fast-try (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 459860edf67e24cf65eba1b81de8a35d10e8de00a10c131af68c3734515c11af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...