Malicious code in sandbox-scale-promise-unix-resolve (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9ddcf410fd06e2ea2f2269a667bfebbb5ab12de14aad2c9f47ef13f257ca503 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chalk-stop-indus-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87bb8e1129a1d5a199fd42030542e91c8c409a534084d9519532cc4057e92cc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-loader-hapi-publish-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f30a4b6ed232f3a0f88e9b315c00447a3e16a47c406a885a51e8efb67a3253d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cat-void-bash-cache-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 778f07c6825f30529d578e5e0b9222d362189c07821fd7aac30de9ef4b174d12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in csrf-callisto-hapi-nextjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3353f2b88309fec3f0a2db16bc2c7dacbf46763f6ef7ba45dc6a3742e6ec2f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in duplex-request-astrometry-titan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2651fe16dc29246ea136b5abe4b863a53fc8361641f4db128a6e69e0911519d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in futurology-fermiparadox-parsec-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7932b00db63a52a64e991976f6b489776b42c5b992ba035510f6778c3fcd33c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in archaeogenetics-ganymede-paleoceanography-ignite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074f632db2abe61d259b3bc4c1f8b0dace7f1c727cfead5c4c2611a7642171c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in apollo-xo-bulma-radiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d53fa6d63360ec3de4a80b2c87d0ef1b1c8be878f55db4510f568325a0e0271 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in report-epsilon-socket-beta-sudo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86a374b6f621a7480a7de9e738180564cc75591db6337a7b845ed16decbc25ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188000 Malicious code in meta-load-thread-grep-decompress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 109caf8ad26be27a56c9b5d71584ee315b90d7198b132c76436f93ddeb1a2f10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186453 Malicious code in cz-conventional-changelog-blitz-steganography-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 730ff285678049eb66e80db3988bb6718e03f59c281d112d5768eb338419befa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186753 Malicious code in enif-terser-webpack-plugin-sass-loader-spectron-webdriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a30834a5fbe857adb14874de5f845460556c9a36ba75d7c2eee5f917aa980bd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188990 Malicious code in pyxis-hercules-scripts-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6a81f666995ddc6c6187d95530b91ea605e66fd4709f426879c3d30977691f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188362 Malicious code in npm-global-sublimation-augmentedreality (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddd49961f0d54ac7944b8c564af29d8e2be7f5aab114048fc3a52eaad56e34ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188960 Malicious code in publish-vuepress-sails-foundation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8174eba67733225bc2a363540d7f5712c22849add86bbb13c447eb8e2266a409 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186875 Malicious code in event-bootes-dotenv-parse-variables-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ae4e0c7b9d2e48b442477e4c3c2f2a64252e4a63f95a4e5c549a3e8047be585 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185859 Malicious code in blitz-materialize-link-lint-staged (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cd6558b44eec2954b20bb99ebb1a7e8e455149631179d6949c5569bd11e1822 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188513 Malicious code in paleoclimatology-node-sass-asteroid-pulsar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44d11927628a582b335587691209c5d269ac29f4ecf3d85eb1612706326c4974 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188710 Malicious code in pino-pretty-yildun-express-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 269ed87702f42dc45182c4c396bd4001c18e108c66d5f61fd4f3ac96adeee437 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...