Malicious code in standard-frontend-glaciology-selenology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ff8d2d9116da16fbde5a2392699bd79ccf9484cb2148905a7dab7fcd8c8fae5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cryonics-publish-dactyl-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8e8225eeaac0b8916a2b89b7dcf39e7988138e6e430c4f6a4730306f251bdfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in parcel-panspermia-commitlint-config-angular-tectonophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad7ce5ec778c0d8a09caa214fc9ed62c9222306281fcc29ee88e7c4f779e7806 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in regulus-eridanus-meissa-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe9ebcfb13b4dae50d2ace3ef1ea735b3f71d9f8e886e7583a36ccfdac361cab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in import-benchmark-warn-node-catch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24561d64b8cda186bb2d88f82638fb3bbc75befb15a7a94728acd63a9b4ddfac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aether-dione-test-markdown-pdf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb259ccaf3d1c636e4a75212af3fb8173b2ac77a1199ddb3181a1018bcf258ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lambda-byte-sigma-static-reject (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96e512f773e77c8591c7fdc12e28652a7c98180e468e2eaac0b828ba21c83918 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in semantic-release-webdriver-mocha-holography-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b794ecaca7722f541231d8309e4e5bed08b390b392a6810c0def39ca7ce18f93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in google-bionics-flare-biogeochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 721da62d8e5ecd0152fd394c7c4f7e74c17ca686615f02e8d31c07f1e323c48a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cold-hot-beta-log-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9a7f8a4e041fa30770c77c28ed0ed77e8a0b512d546aac9d12dff4a25c02072 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleoclimatology-eventhoriz-areology-higgs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69773d9a5c3889d618b425370e12b0c6366104d947651f8e479e7215d1ddd1f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xo-mini-css-extract-plugin-vega-koa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 341b0fee093a5bc333b9bc719cccccc3a0a2761c15e4f1ae597b33f4a6d534dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dysonswarm-loop-command-uranology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee1019e8fa74570eaa1b22a674d4869fc6cdd1fed122f53267d55d7dbaa65146 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in radioastronomy-mongoose-inquirer-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98b90a3ad43fd3d17f857f0d6f4fe80c069a4b11b70c9356b9193d840d067320 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in node-config-mini-css-extract-plugin-bellatrix-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a0f4cb1363923700e234a126ba9afc3eb8cefa5fbc782a1ed68bce1e6c9fdf7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quantum-darkmatter-native-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df4b7d2e949c0c56d06fd440de24261c533ae34fa972d0a9fb8cd3cce716c207 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jwt-polaris-accretion-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e37b2693cb2d609541e5af2ae1c48dde95387af1a4eebbc1098447fc26eb9ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in load-protected-file-index-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a5faade79c2776328e1710a3582b6ad746e9fdb934959e0c3bdca1c6f84b929 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in promise-hawkingradiation-paleoclimatology-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9699ad994533c1d515aa9b41aec6b38a1e46a1c81707dacd5c84fe82663b1f0d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185864 Malicious code in blueshift-lynx-dotenv-safe-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dab58c5139fe550ec62331ad682959b01530abab6c25ee42eabc08fb386d1f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...