Malicious code in iota-aether-hawkingradiation-augmentedreality (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e0a7a9c4b6adbb29d416747efaefe914079d8722fce2307a0b32e37ccc5eb06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in warn-array-container-grid-stub (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fc1c40e8556a40bb1303463fa81490f6a1cd507d53c7b15d0ccee323cc63deb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in epsilon-bash-sigma-tree-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52d28814c9273e5485edabd3f7886de05ba4b3bb5991d48da9ab724dcf3baaeb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in unuk-mui-antares-neuromorphic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1ec361b50b97c7e7b7ab5f49059900ab7878e6ffac9899246ded9fccc19d11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189560 Malicious code in soap-weywot-robotics-on (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0dd944d0f7180206b81a90a1e92b2a37af02b64eb858ac325abe0b694b3bb26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aether-start-lepton-mdx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e36aedbc551c0fdb6d6a164bc853c5330db99a2f5ebdc2bd7c415435ac4acf66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in server-filament-framework-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 358fa0dd87122948b061c1340cb9ff978517012369a5031ba9ed47b043345bc8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightwatch-global-subduction-eslint-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db5dca0a960c4affb7ee077ac8b2613cfe86d64f6224a89a259c25d733fcdf0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in proxima-antimatter-express-redis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8b4b464bd726e60d3c7eec51d106ebe982b5d2c3a00d8c321279105ddd4c030 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in middleware-antd-hapi-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f16ab9c55f7d6888829aa508c89f33d4f74cfb7599bff11339ce70c0d583a3c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in uranology-less-markdown-pdf-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c7bd429984bdfad6fb783aa98cdd8ab753a86703687e1e723fc3a2e3aee022d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in elektra-yakutsk-cosmicray-phoenix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64e053063556b6ad51aaa35357c867ca4d8fbfbd2c51ef10bbd60a53ea1b3916 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in csv-helmet-dione-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c13660b1e5cd8242126ed9b1d8d9e9fd3a9430c6c23281cb67541a8d90eb0873 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185941 Malicious code in bundle-theta-virtualize-sanitize-sigma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38282a1052c7793d90cc175a442afaee3305c74e477314e574480ced6a46e0a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rocket-jest-astrophysics-speleology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca197e20e95dbee979d38927d9d26ca5234dae33e996d5f4ebb63ed864c4329b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dagda-geckodriver-perturbation-geodynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aa898dd9b0ecf67bf135b03027d809bf8a597128a8fb16ea32387a5fd838ff8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in umbra-enif-sirius-lightyear (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1d6e28e0423c02db3969a8742d5aa784afb117a4d8361b30eaf8032885dbdd8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in exec-local-mongoose-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b872afd1ac291d4ad9a6557070b1a111c63c386c84d16d9637c174bb6e04f49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in archaeogenetics-xenos-telesto-tectonophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27da6b5fd36366bdf4dc7b0f00159a6daba029c6322eae8913d87161aaa6a6b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in comet-axios-chakra-ui-ora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc91c4e3c142888f64416531c88b245699460f10b14d6b992018999bb0c31aef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...