Malicious code in apex-magellan-winston-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52039775c5083912cc2f65d59589cc60afe8445d9510280b6907bc13154e2861 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in babel-auth0-castor-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d78dda6dd9d98eba1091976353e8dee3850210f8c8f25cfca2de9027e312deda This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lint-ini-carpo-aldebaran (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 710073126339c59eb7484057356e51e3da9dc45a7611ec43e102dada5d735dcf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriverio-impulse-chakra-ui-luna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 587c860912493689a378634f242528428044131ac8a9bd7369fa10ae5443b789 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144619 Malicious code in lyra-winston-nightwatch-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fe6bca6a2e77e7c2a22c4bbeda5029b832f6a63e482c2177518ac885e4ecc49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139994 Malicious code in betelgeuse-node-config-webdriver-mocha-auriga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a6bb0a98922401bd6403c8a219e0615fc5d749430667d02d1d7b9d26dfe6227 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141361 Malicious code in csv-ultra-wezen-astro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1858d3c966b6f580575064487e3a89444dbbd196a7324183c8b834a2b42ec59c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147938 Malicious code in sirius-ceres-fornax-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6f2388b163e7ec37eda82704f0e6b2e1e2e914a06832c2410f70c506789df1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143949 Malicious code in jovian-hydra-chakra-ui-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e11890f1057cd031f348255b194e3c7423681fc7aa622fb91bcc95d904fda02d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147318 Malicious code in resolvers-bellatrix-jsonp-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85843142028b8d29b219b1af7c43c167dc226099b6803ab77b73bedbb4a5f9b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143573 Malicious code in indus-perseus-publish-rate-limiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a4adc8449cde1c265151055a6b6265cbee2a4f80fae639c8a6e00f6778daecd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in apollo-envconfig-jest-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 546ab6a959b803324db553cdd9de9cedab5e5868186484d81e3025537071f703 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in semantic-ui-tool-fornax-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc452a16821f632b60df56036af5151063884ee1b108f2aa9dafd78573f9d437 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in testcafe-kinetic-meteor-arcturus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 656c9560ccd17e180daf4aa2254dc60f3255420737a36176c05728b8fdec1786 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yakutsk-kastra-webpack-release-it (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da31a94dea166f9732544d8bc74d15fb23b8b8d49f3dcd8465de86a7b8ba7022 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in loop-sadr-mensa-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f37c6d94c5110e973d1ee3f2bb26b12db11bfa2e35bc1e57032de8fadb1cab64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in janus-europa-luna-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1ec9c4de6332495849e84ee2607954ca1bfb4d700c68a98d29db31409ed2670 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lacerta-electron-gemini-passport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b7e0b7753b1e3940c0e8d9594dd3fa95f29c0b4284b8c99b957e293100a8c9b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yildun-command-chai-airbnb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdd633c6313d4b9c28b2101444cb08386db672459f194e7ba9bcd01f32efb480 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140583 Malicious code in chai-ariel-leda-remark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e0c19fadb59ff1cfce3dcfefcb8cd39cdd8131cefd27b03e987380a8faaa1e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...