Malicious code in cladistics-markdown-pdf-helmet-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd738c7aa03702231879b831a4173493a9c29b30350ed0f630d5bbd30def03bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hercules-fermion-hyperion-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 732d75f6cb499379b6843ff19e5384bb058ca83c8c3c88845de8f273a8505aa2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in virtualize-kernel-string-cluster-mu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d02c544b6174c41d110ce11583c5dba92e8bbbef11967198039392a66f0ce6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in remark-loglevel-process-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53b2cdb762f4052d4146c3d2d35d10fe3fe6516343cf764c76cc9a051dfc4474 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in slidev-webdriverio-geodynamo-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e40b8ef2ca4a1c55c75b881b2d9d0b2cffd2b53d5be554752f1411031b944caa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in protractor-farout-dorado-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93341308d22b77fdf58c9111f2a073247b0d032db7fa33d572d4ca2176712eb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rocket-graviton-aurora-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 312704295e91a4e60e1f83792dc3966d9e28d04e1dde7d2905badea7db81b53b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stratosphere-spectron-webdriver-deimos-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f856118b60305c931ff0be82652330587068fcd0b791ec496187dd214c7cf5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in child-process-concurrently-chakra-ui-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66acf8a52ab5f47e31e87daa88e9ccc679f3580c46543cd05ee50741b3f97448 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bad-xml-simple-yaml-reject (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1084f45e2b231ed30cdbb03493b4346773bba921e81e7b020cd83f67573b669 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in global-barnard-protoplanetarydisk-quantum-computing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 910c41c66c48d31941c2f3ce244040c413f047435e8c773242bcc0c1ccc0c179 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kinetic-backend-technocracy-archaeometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 441db525cc0b919f2d77662c5a7fab95e9af9fa464ddd5fbaf0397b903778a5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in secure-phi-web-yaml-socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24bb7f54cd938265baf2a3052d77d5384cef40e78cb6cb96648925c983d7f010 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bad-kappa-spy-fire-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fd357cac25b9b3eb95f0ee24e2f44d4765d6fcd28cc491590ab1b7e043b31da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pyxis-asthenosphere-astro-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e95609c121da15ecedcbd3376b1932b6054e994e0aa2a3f7a388be310bf6c3de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in procyon-procyon-xml-planetology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98f22cb07a609a28b005e4e95f1395efe6c1caa1b328526d3412489ff07456b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avior-quasar-comet-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f81365f9fc5c2f91505f735b8c2f870358d8ccb4640b6b9d0b2904e54506807e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188046 Malicious code in mineralogy-oauth-eslint-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbe44d4d94ee8dc2a076fbd2c79e1f212e27c5eec50895aeb116768be0b5a242 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in castor-warp-asthenosphere-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35d58ff15ea2ebbd7c4324613137ba93e2574de45eda32618575677a0d8de300 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yildun-fork-chalk-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebcb2d403eeecba5f56dbbda8ec07bc5b9718ea5413a6b243aba11175cfc1d16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...