Malicious code in callback-xanthus-astrochemistry-quantum-computing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e74905ae15aeed1f45edc675826a313007486a970d1f7ff6229b2fcc6ec21d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gemini-gravity-xanadu-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ef8b0e335c02e9e3202c8e0195d3bfd55501baef7ef0af424b6b5b8eb2310c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in delphinus-vuepress-antares-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dcf0668bcdb957f83f8e10040b7ab393c0cb92bdc061a5e437566c48e7481c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in entanglement-cybernetics-process-capella (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e06586a765b530944155684e617df07ed0c29003a7453573c8a02a71bf0b1da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in water-await-kappa-byte-minify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddac8211a085975ed1a27a1a6781daaf1224c8e6a0b1d8ab5d86e1876a0be703 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in koa-eslint-plugin-corvus-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9921124b23b8c3333632e1a5ad8852823bbc42e2f37bc4ab4272265763d84cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in unix-zeta-star-execute-uglify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c33862756501024f2e8c14ac92df950c1c78a5d1a0d95d1979c172205a8430db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-manager-venus-coronalmassejection-spica (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97a9f79b52091ebff932b871168c288a94bf9d5c3465addfc54adbcb69c3ca52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rimraf-centauri-loop-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bd387d55005c58c55352182c18c3112abc00546ff906373d546d58e4201bc40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in figures-duplex-halley-vuetify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f15be67b84b88a559dde218c9060dcc3b407af67dfaf55e7bdaf84c10c90c62c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in triton-meissa-indus-phenomic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 543a5fbe2c634835f233125fa69f909d389d897543417caaff9c6fb9f9c7a6ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dotenv-parse-variables-heliophysics-wasat-metalsmith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f18f0da4eb19316997c90d96ccdcd3fdbbc492bb805db52cc447d51631bb5ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in finally-notify-table-orchestrate-sigma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3d4ecfd3ec9e536b6f5c276f6a533ced1d24590a4a00d5d059c241e6c2fd05e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aldebaran-thuban-gacrux-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89edf3df3532bb49c2c76748f619d106892eaa539e1416145739aa8a307a1f0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187029 Malicious code in fornax-chariklo-sass-loader-parsec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 850e2c6c4023e5a4b443ad2f8ca4fad3529da5229a547813a31c34b4e139c1ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189783 Malicious code in supervisor-winston-superagent-exosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c074d6bb8981f905b8fa46ab7436103cabd9d9c9259190086e0dfb4dea7f3f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in child-process-eridanus-cypress-zephyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2052a0a86d5712791f1bcaf79b700a6a9e92e85eece452bd875120b46a08accc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187719 Malicious code in lacerta-chalk-ini-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45cf21208b56ae1d0da3be8ce48b148ac7f6247e8b2ee4ddf53e45b162060b7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188972 Malicious code in pulsar-mocha-saturnology-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e9af36bde91252a42ee3406851e9f22162b169e8cd83b2d46b3e2ab72d99eba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189801 Malicious code in tachyon-vortex-bellatrix-csv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec5822972fbd20e17b527df3dc5f1fc0d18bc0328f474e68ac68715f30e9fca2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...