Malicious code in sagitta-shelljs-halley-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c27d14c78f0650cc9e36a6a09704b5376e65f49f575b3bcc650e67f28f0dbb37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sirius-registry-webpack-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c310c475846e8ee5e7c18a1b32e566c7929067fa02791639c37510e9d7820c0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in module-serialize-fire-bash-mu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a46ef2a5eeea574812f8195f6276a061db7134416045f32a5444ac99d064d53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cryonics-neutronstar-webdriver-mocha-whitedwarf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a4b05c0c53a0d448df82872cee2b18e5bff3f2660a4e6b65d8944adf0e9fd96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sedna-palynology-aquarius-lithosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eac0bbb77f85d66e96e7621b2df56694543e202d7f900f824020d324e9e6b068 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chakra-ui-levels-mdx-mongoose (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 442adf60ce8acbdcd15a70104aa1c2f5e2133c7fc2475f6427313c300e424095 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in centauri-xenos-phoebe-heliophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc23ec470610be833e796362f1c280af48f60e336558cd532a2841ce205d45cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helmet-supercluster-release-it-technosignature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c7a022452e3dc430840391ae69399409360dc46577b5416d489a22c8a8fdbe1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mongodb-cz-conventional-changelog-rollup-plugin-biosignature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b32ece2ef7ce06b92f4ca3800ffeba375ee8a9902c3e47cb0f2dbb8ad0cc57d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in code-report-cold-iota-root (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64bf5e8505918bd9d308b0badcac899a832317e13a323ffe00e5666a0329a5aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in petrology-galaxy-paleoecology-crust (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bb81702c7e9a09b3d90a77f1f5fe6346c46d6d0cb7645b0b6ff4fd35910eb59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in farout-quark-joviology-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c230aeb0dbc961504d4d49ed9821e3c3a573289a1d57329fe4e15a004318974b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in permission-permission-link-monitor-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5d431a409565d9e8eeb792724e8d57bd258eeffbb797a03748a52fa0965af76 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in convict-ultra-paleoceanography-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c2845167a2257ec7f82721ef915aacbaf01c5ba75ccb341823c0098c0746549 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in concurrently-janus-spinner-palynology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8fcadf406f92f7582c4cf7874b4e875c3cfba00d445f70dce8eae741d340739 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in apollo-slides-duplex-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba8a0f7103bc28344b11048c487f65148e33abee3d3ff35337b6564cbb4ca14a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188506 Malicious code in paleoclimatology-cosmogenic-crust-kardashevscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00e15ddb8489db7af6fbf7562f37b8fc6a58192ece39405003e76501af3efbeb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190381 Malicious code in xenos-upgrade-orbit-kinetic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22aacfc70714c921495c0072e931272fb84602da273d378a399fb895e36b109d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186012 Malicious code in cassini-hawkingradiation-rocket-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5253824e08b7a2567634e293db52907f34094d4adacb6b4ba2c609be5a522aab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189945 Malicious code in toml-csrf-quark-geodynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3982dbf209ee7d6c85aa17c309ca25a440c04ba6066aa91726691826108aebb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...