Malicious code in odin-start-sagitta-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 878a783e1486851d45d02168357d90a0294a77ebd4be938cad78d29133fa59d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in export-resolve-theta-slow-refactor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38a82e294ea324bca472096d25a02a11bb79c13ed4c1729e7d4735c3cf05ccf2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in uranology-less-markdown-pdf-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c7bd429984bdfad6fb783aa98cdd8ab753a86703687e1e723fc3a2e3aee022d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biomimicry-epigenetics-rimraf-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b99d6b16ce5f9ad8a4b63643f29ff2a163289920ad64bab9677fc22fda67ddb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rehype-janus-nebula-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b030dfe78269f05856c1d36dcfb4812704739de10c5ef8312af45bf99110f18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helmet-supercluster-release-it-technosignature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c7a022452e3dc430840391ae69399409360dc46577b5416d489a22c8a8fdbe1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in archaeogenetics-semantic-ui-weywot-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd2d85b60fccb5653a1ef6424b8a8559da59eac331213af2d61e5276efefbec3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in boolean-fork-uglify-dog-sanitize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2398286c5bd8b36359dfe96e05f9bd79387f0ed461e40f664b3528ec4bcf92a6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cluster-steganography-slides-entanglement (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 796ab19af8288ef87fc08c84b75032e9a955512cf76daaf4f031d635f7ec9e99 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dog-daemon-transpile-grid-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55edca587df4a61a434055376da40b0f9a67bbb2d201adc1b4ab8833d5c309bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in proxima-sequelize-miranda-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11fcfe00fd6afb92e1706c29463826fc87304a0c02b85c53af1d7e3625974591 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in miranda-gacrux-stratigraphy-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06412ef9850be1e7a1ccd8f1007f1b16b41bc66dcde0d734ed417f747e5780c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in optimize-css-assets-webpack-plugin-polaris-docusaurus-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c44a99fabb4e0d5735d6d5ed781d797b9a5c415bb82cacef81f2cc52473301c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in reject-book-catch-module-short (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b8b14b5a95ce44e95fff509182c83b828055877000a05d9e7b4447abe77c430 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in unuk-mui-antares-neuromorphic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1ec361b50b97c7e7b7ab5f49059900ab7878e6ffac9899246ded9fccc19d11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188668 Malicious code in phoebe-borealis-vuepress-coronalmassejection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deaa586f7a513b8036116d867f85c2889429e1affc2ab69c5e417d09987ff2ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187897 Malicious code in magellan-augmentedreality-webdriver-mocha-blitz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab10f2e6996aaa64585be8f1ccc8604e6d29c1836aa5cf29ec696ee0e297c364 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189340 Malicious code in sandbox-kernel-web-good-static (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30a8cbaba2cc17bb7d2f755e8e246f74bf867556708a1559e09e18f4dfad5130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188129 Malicious code in morgan-sass-loader-release-it-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c153eb6fd6cc614dab9d8fd43c3d5a0e5258e9ae6ddd573ad103e2a78cdf4f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187988 Malicious code in mesosphere-genomics-oscillation-mechatronics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cf08706524cdb0e4de9ef31caa8df577e30a9625291938358cf86d5ef9a2cc8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...