Malicious code in arcturus-bellatrix-standard-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7609f325b00b45170897f239a83a8f9f0a9ba0025c5dc5641331b70050b2b2ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wasat-pulsar-exobiology-link (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e635e404118b2e59ba1075a23a30f95a3df3eb263ecfdadd9ab1f39c6019e89a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleoclimatology-framework-mensa-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c12f313dedc707d720600d06707caee7d75a5cb19e5f99bedf1d25cd3c43b861 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in uglify-js-buffer-exosphere-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8bb473d9060c37f760d1ef8d7f47d1d6070940920e1b8e73a875e381abe8fa6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lacerta-ceres-jwt-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e9ef158e3d8954448aae52a5a567e27d1ce378b34dfd354ba3f163720c80229 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in miranda-janus-fornax-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07804782a9ba526b29707dcf95d01520ddcdbab7228282fd401eadb06ea59474 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gemini-gravity-xanadu-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ef8b0e335c02e9e3202c8e0195d3bfd55501baef7ef0af424b6b5b8eb2310c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in decompress-tree-protected-upsilon-mu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f54cb13086872fcb5c3e171f126f96d2723cd7ed4cb0febfae9e2db744d4d97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biotechnology-draco-webpack-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37351f9d161bded8244999f286d5a8e7b5a01f0fcdf5440fb810ebbaf8eaaf8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in java-socket-cluster-decode-catch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91f9d43e44408d07d0519e14906a4ab844a8bbdaef97555ba604ada50af6e13d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in node-config-lynx-cressida-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1a8390d9b4f7f0ca066259c5d2fb5a70e40e66cc7525724d3aadbfe0acf5fd2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in regulus-stratosphere-gravity-ethology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93fccfb2ae38d00edc4b5bec8be5c645ec916c9b0d26399bc5ebcbd585a4e899 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ini-koa-adonis-astrometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 814dda9fc098a95449685bf70ed597eaf7718a69688a6739317f7af0058ac94c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in protractor-eclipse-ini-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e4c4cd1c8af3f847641151dd89b0a4f294c53b6b5e6a591c461e8239a74b873 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fornax-postgres-phoenix-semantic-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5695ca34ea3d53ba924b7cf3957ca4a9b7c9f3c79a463ba9e5cf2c27dba36ca9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meissa-hermes-callisto-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b633dc83b81fa2bf2811bca79ee36d4afe31a1d5a5ca8d3cb8a5bf01364c7dec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kardashevscale-apex-neptunology-astrometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ed6681820d0d0e956aabd73d96954dce8d8314d4484f8f31fccd3f6b85bf0f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189087 Malicious code in rate-limiter-technosignature-genomics-cypress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fed67de1e41887e575922c3c48b91c73df86c4b80ecf87513eab3bc52ed123a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189416 Malicious code in sedna-palynology-aquarius-lithosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eac0bbb77f85d66e96e7621b2df56694543e202d7f900f824020d324e9e6b068 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189097 Malicious code in readable-karma-xml-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c0d2d3a27b749da169c991b93d852c67354e41e03611bad2d5b9db3647047e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...