Malicious code in publish-concurrently-gacrux-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2cfe0c3e58ae6358bb280c4b65e3b0a5ad1a578037814733f4f7581aa92c89c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in regulus-local-eslint-config-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05b8a0e9039e0451fe1b3b0c8b6f33d25e4987340fefcd91e843027f99b848fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in procyon-kronos-materialize-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ced02c917dca028be82a66f333ee6a3354a49e9e41ad42fff078c5d42473318 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in playwright-wasat-sagitta-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6025a9c4a34d28d5fef4bf33d34d36f5441114184959e734cd7837e43332f066 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in phoebe-polaris-meissa-phenomic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd489a81b3154b63ac85583fc32ba48fbc9fabb74b26fc0fa19112a7aa3f606c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pulsar-run-script-redis-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e468e8345155c6e22043a1a762bd73d53b966d686db21505c6709bb62b81bbe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in concurrently-oberon-docusaurus-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8788c9948d1b666bf7589ea421a9f440e0c6e9f86e0cac0940f16fa789762918 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in prettier-stylelint-webdriverio-xerxes-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a46c7044db02697faa91ea47e9e00a9fe04e7e7215ebd93e223558d8c16fd72e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in node-sass-iota-hapi-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91dbc27182aee5bfd31b5146e3edf1d1a806c781e33de5ed7183df2ea72cdd82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in semantic-release-hugo-vulcan-xo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22669f1738276fcf0d0861f934453f7eac47379e02ba69f509ffde9eade5eed1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-commitizen-xanthus-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99a116873bf32c289aafa5fd60f4935b886ca7e2741da3cc20430738596c680c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sirius-cressida-gulp-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fe77634c62f3e542db691903b419f0822a6429e0a2a8641280c612ca0a724c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in slidev-blaze-zenobia-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41fd4cde87182f18e48fc64a21b8b3a6224f31cfdab55a301fb10c443b934961 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in test-schema-blaze-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13557f302c015eef445b04257dbb25a80d80434549869866fa18e85a650292c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in auth0-eleventy-sedna-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f76a53b8855f0c1929c9ed27e787320d21b2e4df8ca1a9760a0f6820268bdde This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144227 Malicious code in kronos-soap-mongoose-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd2a7487eb0f4716eb5160cc1c8d601510a3fadcc5d74c85426652aaf1df9303 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149667 Malicious code in xenon-umbriel-jest-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4789f13d13bfc6480462c74df2249fea0b3264ce877ca27a1707785b3777eac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149837 Malicious code in yonder-iota-karma-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b77d50f56b54d38b72f23620182a6d2983ef18256cba1de345bff838382831c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145605 Malicious code in non-blocking-colors-xml-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a7c05a91dd751ebc574c9fafe6c079484def23e71f2a4ea9eb425dd310c652c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148964 Malicious code in uninstall-perseus-duplex-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb67855a44d0be92f1df1e5320c81078eee07d1544db5ad18f99cf2180778f00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...