Malicious code in perseus-chariklo-webpack-despina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f539904b019a9a6927140559d0a40efa04b8065a579e3438207e57294f5c867 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141823 Malicious code in dynamo-axios-vuetify-jasmine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c07f3ccc278e62a86432c414a4fe672c642dea1baed087c337de30b545748280 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141688 Malicious code in dorado-ignite-kronos-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66abf121dfd2cc9376e533592688a982b3b97fa45c1a65d3d4d3d85a8e1cac52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140872 Malicious code in comet-cors-procyon-rocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01a2a89b119108ed4e870e27de544670e728a8d329e9e73ee1f8bbd76d6dc821 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149846 Malicious code in zenith-commitizen-update-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79414b36fb87b9e075a85ceb31b5cf9491f928b41b592a4672ea17927ba467df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147865 Malicious code in sequelize-equinox-lacerta-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa3e2d46d3d517afc6557d20aa925eda1d31db589962ff1f1696639167d9e4ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146142 Malicious code in phoebe-callback-javascript-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 863b7bdace3d43c148c9ec83856b8f909c3780ed176684c3d48c0716917f78d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bulma-nextjs-playwright-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 563051be1ab409d07dbe8c4deb9edbe396b53845dc3747bb1007c2a25abb8578 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in commitlint-antares-chariklo-bunyan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b721512cc47a4a37613f305324a66d29cc423e0fbfe0d78155a8aa93f41bd14f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in publish-prompts-dynamo-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bc122cc572c3d2d1191ceaaf9b9258aad88aba7da7c0c08509fe79058b68496 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in andromeda-public-zenobia-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9af88250587b9710fe2bf5b9df038ec1fbf544a4f938671d0632e9b4f6f5b41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-registry-andromeda-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e537ce0a5cc5e46f30d717f43d4ff0980a85f8ad7d038de681d111fae1a26a96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in centauri-chakra-ui-upgrade-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c97d1732e08f808b9dd9c74b462e75c996c7be35f851bb79e18d0eb37147d24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tethys-mira-csv-impulse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c92e07edfec104f27c0d5def85f67861f7dd01686a1fd7615be4a2fb1db864c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143608 Malicious code in ini-supervisor-ini-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b29a32dd2b265a29cfbec53f5ec524396621a56b1ac1096d46802296fb8d328f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141432 Malicious code in cz-conventional-changelog-request-axios-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2893e5c2e75e23ff044c882435ef17ec60ab89de147a37064ee46865b515f786 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmos-commitizen-quito-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d396766edb0e28e3c059fe2e8744a122fa7919dcec485819019662e51aa0af36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xanadu-leda-bunyan-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8daad87c85d73df4e50cbf5ae6d7f071b1e0e00f8dcff8e225e8dd160c157a0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in update-await-uninstall-testcafe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71c2279fe5109fedbf05ed0de8e7a13f3135c71fca750b79602f5366b373ebbb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fomalhaut-spinner-capella-less (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa0e8d1ddde0788381e96ddabfe8341e2ff22da6843eb0046ffd53de5dbc0b31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...