Malicious code in emulate-private-alpha-decompress-view (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a73cd7def8995cb1c4f464021cd52d52ea06de08bba825ef6747549710d415d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in castor-callisto-miranda-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 642a0e3b58478b1752d42ebe06e3728a14dd0d553d9e35c2c8bf429b0d2670e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in enceladus-mdx-zenobia-blazar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99e2a80c789cff4acf26ba387580fde45a9aa60b2e20961dff463da98406a92d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cybernetics-selenology-local-eridanus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45900616fd9126bd090f5865bdf4a028806e11b2380fee63848bb099345c6c7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pipe-cz-conventional-changelog-meissa-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f76581a30ce1561ccc8aff0c4f6f3ecc981e5d814d26ad12af5b54f32937a161 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rocket-package-sass-loader-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d67124e33ba64b1c42f833fc39b6ff0beafc787ffff39c5b660e68a4b0a509dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in selenium-halley-algol-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02ed0d72aa17ef547016ffb572562b5c34e11e0379d30a6ddc9cdd64cc716793 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in less-mineralogy-airbnb-tardigrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1e150649f9701fa8a91531cb8cfe5a7a8a65c99dfd46ea28f5561aad1fc5b44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eslint-commitizen-firebase-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84a02e2ebc235a5858f5242b7bca357fb71d130da4ddc12d9ce922d603aa30f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in elektra-yakutsk-cosmicray-phoenix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64e053063556b6ad51aaa35357c867ca4d8fbfbd2c51ef10bbd60a53ea1b3916 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in integer-optimize-alpha-byte-authenticate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3cc0597617c50b1abbdb88a4a1f29177a51dd4efc9e1e4472762f2d4125f247 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yonder-webdriverio-lynx-blackhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfbb715d4acf64ade15a47fd3c5a01c86a6a1ba2777dc7bb8b003d084a247a51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189971 Malicious code in transhumanism-auriga-markdownlint-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94ca6b14f6e0c18b868134377c560103624d5e12334780667f4b5e1ff6661ca0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187781 Malicious code in library-nebula-rest-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79ba74e4d265a0cd7cf0b173712f28c7ddd0af4de4fa9cd301c0208b5d3e55be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189572 Malicious code in socket-sigma-minify-pipe-array (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db413d110af403ea736f9c779fd5677f35ce04384260e6cc655e3585db962105 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187495 Malicious code in install-enceladus-mesosphere-superflare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa05ee353befdf7fe1c329eeca05b4cc9cee78fc3dbac41901ee4bcd6609fefd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186190 Malicious code in cluster-wavefunction-subduction-transhumanism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d0e6bd0652b5e4d018e928834eec7a01faca00e01d4f657865eee6364dbb3b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in heliophysics-aurora-lint-staged-global (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3146d8b6e52b168ae00047b32f06d4bcb6748de549b64b41b2bfb73c6bd4abd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in solarnebula-browserify-lightyear-nextjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d0114a2c36dc9ade148440482f25df3f599403a605d2438cde49dd242f702b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185812 Malicious code in biogeochemistry-xenos-nashira-petrology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f82fe21385e7e511f088a5163fdd58d197f1dfb485a1f949ee04b4b14cd53d4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...