Malicious code in dotenv-safe-nestjs-jest-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66ed3cd5df3b5322f2a5d0825228171b515a648d59576428600d2715421605db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in janus-europa-luna-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1ec9c4de6332495849e84ee2607954ca1bfb4d700c68a98d29db31409ed2670 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lacerta-electron-gemini-passport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b7e0b7753b1e3940c0e8d9594dd3fa95f29c0b4284b8c99b957e293100a8c9b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yildun-command-chai-airbnb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdd633c6313d4b9c28b2101444cb08386db672459f194e7ba9bcd01f32efb480 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143848 Malicious code in jasmine-carpo-scorpius-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d0e478b82bd4c6989f3b5401fe834e59f45fd9f764b88f40b4aad9210d51eb6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149691 Malicious code in xenos-thuban-resolvers-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50c87583f813bf3b289010d2d1fe63c705d1c7b1a54fd57decd0f17f40b0c5d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148625 Malicious code in tethys-non-blocking-hexo-spinner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d885f6678a047d144fa23ca12189e3691db1ed724e104927120acef8a43c47e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146361 Malicious code in polaris-playwright-proxima-stop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca7ce5a8acc186e4762e4831633d633f82fe9434b7428f24bfe3ed5bbaea92da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148413 Malicious code in sync-adonis-rate-limiter-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df5dc33b4b091bc26ce6cac112f885cbde0319831f4fd7aebc4e645088bf967f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147295 Malicious code in request-hyperion-gridsome-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7865deb1459e7037f7abb2849c9868bff4ee00079f4c78d1fe2341bb6e0fb540 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149211 Malicious code in vuetify-ini-framework-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd1ea7eeee9dc7efb74efdee65854ad1c7cafd35be5c51a28e7a4f8938efa4b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139254 Malicious code in airbnb-gacrux-concurrently-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f902fe71cb86fc56849ea755fcc2c4cb1b0f2d2b8b5e2ba0e79f9a3113e4a17c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147938 Malicious code in sirius-ceres-fornax-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6f2388b163e7ec37eda82704f0e6b2e1e2e914a06832c2410f70c506789df1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142951 Malicious code in global-toml-vuepress-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6a8cdb722e96e67d2348f504d26379d9b7b8862df3266e39cbf1756954a7aa2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141818 Malicious code in duplex-procyon-polaris-mutation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f150630be124e004b880b0b1ddb3db1a1a90e4dc246b805c544c181e3e6f32e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144561 Malicious code in loopback-readable-meissa-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a2117bd95d718c11d1d7d6fc5d2cb578836a47b121782b374e510f1375c7c4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avior-semantic-release-prettier-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad1bee846b0039c60e0e0057b6c29b031b648b21ebbe632243dafe96452cfc5b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in algol-forever-regulus-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4211f798c9f412b0916abfe461be011e99a9edb91f9ee5b1abcd2094556917da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in buffer-phenomic-miranda-taurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 797d2e82ce63670112679026f7d3cac4b6e5ca661260cd094fd9a863dfa5e963 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in auth0-remark-rimraf-gatsby (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 714ef1f3aadd820dc4f68eb12147374722db65daeeb986feb08523154cd2607d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...