Malicious code in webdriver-manager-parcel-innercore-redgiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2f785d53eb57cf7662b6f998c6b059fc8dab31a64d5eb9fe8f614df352667b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in balance-public-new-object-nu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e4bc6026cbccdbd46d399f7ad4ad79e78e3f51369f9d5a0619d82b3a0f75f5b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aldebaran-lyra-magellan-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a81adcc48a2be10a01cfcdea5d7b3f48aed02eee2a2b8df9e474f6f4d3026e7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in unix-execute-file-route-reject (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d68b960e530b4d83fb85ec9128c0b09c044d524863710059518465a2c086801c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lynx-astrobiology-exobiology-plutology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5022a4f59ca7850edeae70e74134dc60873af3911d08e22097f4aaadf9b980a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lithosphere-browserify-express-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fdc8dd182e784cfc7505a87b79d3bb63e3889f3079e330bce2c95ac7d3a6778 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nebula-delphinus-planckscale-juno (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41b5858e77cc2e90855108f123b97315d25fd03366fd3a2c7c3d5ae81ca595a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ganymede-sass-loader-dagda-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fe9c9d0f9257e10d0d36f8a449e90ac738feb5c317dd23046cda74505c2a743 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in antares-cluster-ursa-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d84a4b00a7033fc3fa3800a11c657e0a534a6b461ccf0deda2a4f531f6b3468 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ophiuchus-europa-charon-blitz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e44526855cca25f3722d9837807468169f2a527c7ca060af49086605dac9d3b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gatsby-enif-tachyon-prosthetics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd3e1fe40b9f4663cd8b878d886d2d8206a84740ad4a30ca7055e0b73b99ffd0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in library-babel-meteor-kronos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a9e462c051102c828b4d50e3973255ce834bba491eed99cf30b6f877f08521f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nashira-materialize-publish-galaxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b6830ac46dd9d24333dbc5f8c74a61c9334671ab3093941bb7008dc605d1cc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188685 Malicious code in phoenix-perseus-mocha-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ab6606c12f1d8a31b4ffa60bdd8a08643e40c577af49e628586123bd9d36ae0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in assert-float-private-process-star (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 381d6b6ae92f501705369a58be23c204be60a36080085679894d2452de8eec27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in changelog-archaeogenetics-mini-css-extract-plugin-dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43c89b3115fa6923864030d78898e8602e4c6c3e8398a4d8729c6a880b206927 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in corvus-vuepress-concurrently-elara (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e1561f44e67d0868f2fc1f6fbfb73bab11cce44a263ac47614b49c690b618d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in proxy-encode-cache-easy-delta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b71d7168ce33fa33d117ca3dfeb5107315620cdef1a12c36ec833ec3738c04d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in upgrade-dysonswarm-node-config-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cfb3957e784c8f64be9d84de653a91b11d80d6ffbf26fbc120b8b24133d2a07 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cross-env-flare-hyperion-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f080b8e739095288c5b6591e7120a4df20933d6f957db23a93c573d43fdfca27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...