Malicious code in geoarchaeology-ora-titan-restart (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a806a3cf3dda3c3eebe62d2f064979deff4dc5be13189bf1b05b046a1a60a856 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mu-dog-proxy-decode-unix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88cdfbf38d06291aae96e832f05b29f00cfd35589943f585837dc348ec6b1fce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in metalsmith-json-husky-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 478b97c7a91f7c4306ed3e704e7d987f5ad1bfcf878a6b3f756ab08441f24198 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in interstellarmedium-pino-bulma-darkenergy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab392f921f051d5be29925ee8bffff06c637f5fadef8a9ab6399776bf67709ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in link-cron-simulate-assert-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e256837491141edc7c92e5b82e6fc342f0f94ba27253023fe34abb8a251812cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sed-sigma-mock-finally-virtualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f0a41fd08cfcc94af80445f4cbcacf1f1a3025d1f4d341f2ade3f5e5609b5c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in upsilon-parse-module-virtualize-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a440b3c8b3c00cc296b78fcc754858117fc974f54cf17d0173de5b6c412031 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helmet-sagitta-saturnology-element-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8edf752315cb247edb6c5969349b45e0b64f798bc16720b9f806ee1b68fad823 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cassini-hawkingradiation-rocket-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5253824e08b7a2567634e293db52907f34094d4adacb6b4ba2c609be5a522aab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in elektra-jekyll-ini-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fbf52665ae1d41a82f4ee816cb50eda1d84967893a958929d8e2b5f10e08e40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hermes-config-unuk-aurora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be45cfa8332efa48889c39ea7acf947b99ce9fc254f407db0c6e462ae8de03c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in scripts-yaml-janus-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef6ee6e47d29dabed3deb7f87e614e389d9e327843fdbb45445af49f77255504 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stratigraphy-archaeogenetics-pino-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c8b8215edc8d75314fd70706553211c18d60e357ddd2ba33d98c9aebc7bfc32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mantle-galaxy-vuetify-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27d095cf3f4227e38f0e854fa3861543aa352678e355ebee87d347cda3e374fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fornax-phoebe-jabbah-xo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89ab6a4c8a169e333e9defa80910133b4b619a071f3e744ce182a3d24ec5ef6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in abiogenesis-proxima-astro-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d17178550a24192e99f40c2a9a3ba7bbd1e503c96df3ba401baff83d82ccdc48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lacerta-betelgeuse-xanthus-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3c6304ec6e85d47dbc95675de68746430ade85ec9fbecf5cad5c5ec8a058683 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in parcel-non-blocking-bulma-chakra-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e29c535824f02cdf2ded03b6607107858174dfee16f23bccfe9006e08b3903b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185828 Malicious code in biosignature-enif-element-ui-biohacking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4715241285965588427f15c1ffe35a84f94a2a86f96acc208d839b45622dc284 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185801 Malicious code in big-data-shell-omega-reject (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1244a9ab9c9072bd2cac6a3da7e782a4d9ed85476bd01eef9825f23de4c7478f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...