Malicious code in double-decode-encrypt-cache-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2dd120085360bd941b6b618bfba167ef9076e6663bd3af7dc247e1b7a6588f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in procyon-spectron-webdriver-nestjs-gridsome (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26bbd9161c64afc49fa855f2f702c58f7550b71f364944f0224c1323aa0cd7e3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187029 Malicious code in fornax-chariklo-sass-loader-parsec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 850e2c6c4023e5a4b443ad2f8ca4fad3529da5229a547813a31c34b4e139c1ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188535 Malicious code in paleontology-mensa-altair-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77a633c6b86cac2930385f3eebdca63ae10a81cf8d77661d33d82855cd92e570 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186542 Malicious code in dendrochronology-test-markdownlint-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 367aecf6bc954214e27f286e5d8f5261d0c857e8add3e2abe083efdcd37cacd2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wasat-foundation-webdriverio-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efd9a86d6be17cbc44f9dae6883bbba2e3a38738aaf80a503bc35aa86bebe5a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in astro-cors-pulsar-neutrino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59931b01fc60b27e9ad893bc7767e2c241ffa9fd0413df3cddc31dce9fcac8d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in alphard-gatsby-commitizen-node-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa5b5cad41900c2a1a91c718854a886f4827fa919f848f476fe11be4a3347afe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in protractor-farout-dorado-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93341308d22b77fdf58c9111f2a073247b0d032db7fa33d572d4ca2176712eb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in graphql-elektra-triton-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f32d98eba6cf6a31eff8d8c5f67b0544f7ea9333a54ebdc237767280fcbcf553 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cold-phi-cloud-cluster-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f0e9984087d6fc6265ee22bf94590da86323c7d97b5205d237579d0a5556bf1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleomagnetism-izar-gacrux-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b2dbb229aae42fe5aa081a87bf1a6ae6488abfb909b16dcfe7a4f57867aab85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in apex-soap-restart-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0468f6b71f7d1589a508e656cb20a8746821763029ea2e63c948a1062b5e47bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in awk-eta-virtualize-route-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dee0ac4d68ba5461762a9c09528cb82ee33f4d8bb5876df2f586f19adb0c3391 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in comet-auth-html-webpack-plugin-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f5b037c3a10e0eb5d63054a411dd6a2daeb791121c669593b5602687a52454b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in commitlint-config-angular-forever-dotenv-parse-variables-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e8eabd8ef0a60fb9207674e7219976cda9db0950935484582aa5086ac905614 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in epsilon-beta-key-double-assert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f0681495491db7e545763d456b2c3b521039fbd9b347d6741ec1d056df57936 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in error-alpha-sanitize-sanitize-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c05a938b12a3f015427b82e19d6772e1ff1d896c7088a090df2f14ff244015e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in exec-zephyr-xo-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0a537378001b9bae4498bb04fea101778d1e52997d9ef0b70e87f31e71d3122 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in final-secure-epsilon-catch-book (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17e86d24f9e0aa24c62e5e4c9ec1038d73add02f6ef91a7fcf8a98ddf0a6de0d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...