Malicious code in canopus-odin-scorpius-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddbac68d4f0a154017bcea876cdc1a0d580ceef45d587eea1cead61d4448378d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meta-boolean-analyze-decode-cloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc9f12b07ea4eacded6b4cff311fde2093c73f60e91d1570a14fc533f8925ac7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in compress-async-rho-boolean-assert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b47a72962d3c729d5d4253ec9d28d30df0480c577add110900f74126b32e3a6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in metalsmith-ganymede-gravitationalwave-biogeochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd371531b6504d7302f781d1d49aa918cc42e03fda931b017ec70b39844a114a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quantum-darkmatter-native-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df4b7d2e949c0c56d06fd440de24261c533ae34fa972d0a9fb8cd3cce716c207 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dysonswarm-gulp-dendrochronology-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df2900cd899be02f8b927b3a22067e8f4e1e87d3b8ee57a7ad44205167f4a2bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in child-process-xenon-avior-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9f4f073cd819427d81027c4347194f2093797d2605e1e90dbf83b1979f7d03c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in update-proxima-isostasy-archaeometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ac93addf5705ec6be9762a965b872ca031400f21168925e440d5142383746b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in decoherence-neptune-saturnology-transport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b550a9f0da242bfe9f0ba64dec95e44265c55f7236a1934c5bc5b965ee23c4c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleoceanography-shelljs-umbriel-galaxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2386202e5955957868e619896d6eb531b3f4a1f167c4964e7c4ce5d273871974 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in borealis-rigel-string-exoplanetology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35f2dbdab2e1ba4e40caa517bb65a8334df15b1ced872d929a3e379178347ad6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in boolean-fork-uglify-dog-sanitize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2398286c5bd8b36359dfe96e05f9bd79387f0ed461e40f664b3528ec4bcf92a6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xo-phylogenetics-kastra-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 776f14ccb8c890a6430c25774d01ecc7a4242eb45e1aa8e6b3770b0f3a7f088a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in beta-error-rho-authenticate-tree (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30cc2769230687e6e7eada5a89a33afaecb48c332be1d59dc5e4f2b0ba46f3f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186473 Malicious code in dagda-polaris-entanglement-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5325a6a4cc8abbb32dc79710052d24b808fd1692e4b2370bfa9cf74f61373dc7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186833 Malicious code in eslint-config-apex-hermes-zooarchaeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f73ba82f9d9c22e1bde2447c605b7f915aaa35732f226fb83172e499f027a621 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187500 Malicious code in integer-lambda-notify-cache-try (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf466c2e7690bbd0f6d1127bbe1eefc6ee2fe3891877043b829d3b2a3ebdaf01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189340 Malicious code in sandbox-kernel-web-good-static (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30a8cbaba2cc17bb7d2f755e8e246f74bf867556708a1559e09e18f4dfad5130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186746 Malicious code in encrypt-public-delta-chi-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d0273e011f95f5c7bd83382e4643a9ef8f11d463f954e2ce4c19617e1bd63c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188228 Malicious code in neptune-sqlite-cordelia-cypress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2d6377bbfbcca851cfbaaa8d0d636f6b835c87f03e0c5ec20cfdbb33a77490b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...