Malicious code in meissa-duplex-request-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bc9a8d56bd914325daddf0f1c5c1d6a1d44632b799c474ae33e71c334883104 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ariel-xenos-dione-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db83500cf3a16dbc3ca0c22ba4bff36c9de611ba6a892a7bc8283db3e81e976e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in grus-prosthetics-stream-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8349dbfa155f2d339ef3fd2ea67bde24011b09acb828ba410014298d1394d52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chariklo-babel-postgres-thuban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 393b5965a6937405c9e5c9fcbd04f7ceb4037d5f924bc82461abf50350ff323d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in star-private-minify-bad-compress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c073ea8c71ff7c1c682370bd5c071b312cff6ebdf04d0b7966fe8d9f0e529a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cold-cron-object-chi-export (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c60002ac5653229eb6215aa13f4ec5c490f97c72faf60b5a0be727c9092c4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cors-warp-farout-testcafe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c13b58f1af8bf82671c841b76a10d8e68246dcd60737603893aef17271bd3c2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in javascript-magnetar-epimetheus-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd836a25d5aa73f526777d2c602b2a919e137b30c1167b63e65262a3eece2544 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in octans-sedna-entanglement-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e8de26676b02acc15c835b2db1cbc166b1c3da77c3fe9955268f44283710cc6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in secure-big-user-unix-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58302a7110a1c0f90f3bedc311dc5eeda947f3da8ac2e2e1dd37e19aa2b0347e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meteor-cli-nightwatch-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4ae5ae48dc55180eb76cf505e37d133d5e836a3f4246eaf1b4fdf5e063f5a2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in phenomic-loopback-rigel-mechatronics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd2c60808f9819379866cda6ffe21efd73b974a445126a3dbefeaf8be4e60424 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in miranda-exec-meissa-terser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6aa4ae84ddda5465733272a077d844865623f79611a78353acab0d23bf825bb7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in neutronstar-native-dynamo-hydra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64eb5f6281da92ca0de400672e8514b5e7e91819e20cb09e2904422be675fea2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helios-cressida-biogeochemistry-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0768619dd13d60c867707b16965714e491fc15a027c1e3dec26fee22674eabd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-nconf-string-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8074d92510a28e3e6b1da7ca41610927761684bad1dbfcb169033072bdcd11ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187140 Malicious code in gemini-ionosphere-superposition-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d9915da48474b9a7fc365caff832585a7c79e69a676a479e6add1449dbf3314 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189658 Malicious code in start-io-nightwatch-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06e2d1c8c06aa9ace0532a0d3a61dbaeb3cd2e038d997fe0f7dc80a93fd3260a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189939 Malicious code in titan-iota-carina-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae54b5aeb01b3b85dda4f78f0dacbe1fafb98fef139ef198836d50da8dbcd7f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in public-dog-secure-user-omega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89b3ecbfb521f54bc0a2e5f288dc76d1fa2de219c9ce457fa24196b94a7abd81 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...