Malicious code in xanthus-bellatrix-less-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd54695cc3236f3efc65f64d59a944e42dff0e5f3b0e47c60fbd6525c622b52f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xanthus-stop-antares-carina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24aff18b7ebab6c38ebb608d171a38a0950de81bd26c3a9d4c476745990464a6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenos-cypress-ursa-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17c7efb0dfd9e0a603887b643409249147387ea0015b6b38655d3aa6b494df52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenos-halley-nextjs-ini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ea90a89f7e2f9754822f85568e845254ae760b8796313aa877aac600d48ae5c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xerxes-repository-transform-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 084a137d2be3db55a1f0664186668da911432bc4f0ec5e2a3c84ef7f34d9bb67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xml-mocha-restart-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8889937709b9de60151a64d3a34b8ffad489e0390ae41d61c3eca5c969ff729d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yakutsk-config-mutation-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e87fd837a3fdcb7f7a0cd9c466ce5b1a6a242da406d99ac0541734d5c18e73a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zenobia-elara-mongoose-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbf9d9dcf9b5e3cebfd06d89909cf7e106312c8c69aff35e4e6bb17f77897675 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-cache-remark-await (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b778b31a4c65c8bba177c7cac5af3c1cba209d38f682bbcb2d35fae5df195fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eridanus-wezen-module-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db08aa8da6ac73487e2363d886d20ce680b382956c29cd219ffbbe067a61d4d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jabbah-astro-update-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb48d05c71d4e664abc9f344c8ae0080f7d1f437b56a3bfa83439c01a3b1374b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-standard-corvus-slides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 684ec4b83b999e47fc32ae82653f9e30c77edeedfd6d936996de857e670e4d44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in slides-graphql-markdown-pdf-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e875d6758d07bb506554c8efb933ea288df266b933847f0fdb34e06da7e69b3c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pegasus-helios-bootstrap-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 443c660eeccc84458663b73683dd4f9945a478b35f6e205b836a99b218487f68 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in await-less-xo-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a504bf7c4d1d9c1665d27175e7e303cf7a0698c8d6828ee8a8a07fb9acd4304 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141340 Malicious code in csv-ariel-sirius-wezen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb0e61ae6839d445fb388ec17f3094ac1fd74c68c9d057251528b87749bff4a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145201 Malicious code in mui-elektra-norma-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 519f58c763267fd10612636f7ff1074708c720a4a44fdd372714d5fe9a7cc783 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148955 Malicious code in uninstall-comet-orbit-oauth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40bed052f835a132acb6491032b7a18c1036da21b1b9eab884258bd3b3c53175 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144956 Malicious code in middleware-fornax-cache-chariklo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30451cfcb018e07948d2bb2cd56d9b18dbeb975f403070768ae3c9d68285cf6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143505 Malicious code in ignite-antares-terser-webpack-plugin-mini-css-extract-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 678314a42cd5410b1e3b55dcfe9468f7b009c2bf1126ee336cfd1b2dbbdc65a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...