Malicious code in cosmicsilence-quasar-vulcan-gammarayburst (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 866755da032f89e835ad4dcc205c1bb514c50448977117637cdb00b19af44d3f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in registry-apex-seismology-ichnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bc0e74f615cb57fa334ff9dd070697aeb39697d41fa7ea06d55847b0e2cc7b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-manager-venus-coronalmassejection-spica (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97a9f79b52091ebff932b871168c288a94bf9d5c3465addfc54adbcb69c3ca52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in electron-pm2-toml-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f39fb8a9d75395b1785a187dc32fd7123d42ea214d0d3cd4f9526ff421b0a685 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in umbra-iota-graphql-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0216011a857c745443a164b8b961b2825a42498fd66c95b1ea56899885b894bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186734 Malicious code in enceladus-module-firebase-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 573f7098a653cd898218b7f6aa6ce36b04be14f870311aa55afedddaf307f382 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187384 Malicious code in hugo-mini-css-extract-plugin-ophiuchus-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ab15840c7162a1c78bb10f8ff332b175c7f6472daf912e63eb81d372dc63e1b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pipe-orogeny-await-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2382b0c000b2e4514194f19d8259b7e578360d10c1531f70c0f8429921ac3b9d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in star-earth-small-execute-decrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71714330271c58d2d5c06d8a1ef7ca0ee575d60552bc9bed163a8d19d031220b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in process-simulate-parse-integer-wind (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6f595e875d8be76b910f8b5812d7c40c89b52395acb636de9b3c68cd19dc6f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in registry-ursa-prettier-plugin-markdown-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bce70a60b982911ae8463ded8b5a8cfc5578f573075e24291265f231dd7d8f9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in enceladus-got-ultra-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32239f7dbc5399708cd1356919a8314d11782fff280d08afb68b2a936bd12671 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mock-sandbox-private-stub-view (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b278ec81aa032c216582a6a7be827213f777087cf4b2e0c8d2537c5889bbe8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rest-version-library-hadron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e3b01d06955b1393fdf87ea7bfd085c32e43a39e890b503008aefae093db6b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in vega-xerxes-meissa-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b63abf6534ea99f2d7edbd9fec922e534d5a525a6f21b8ba75ad9525c2a485d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in primatology-technosignature-magnetosphere-parcel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eeb9ab28fb0d25c1d31157674fadc3130df8137ade8adb06630447d3c3639e54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meissa-pavo-asthenosphere-aurora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c245ebc6d662cd2d791c2a665a08b64c0ac325a3faea4ed570146f511d921147 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pulsar-graviton-dotenv-safe-nuxtjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8546f292f3b1587e20ade12f038cbeab5b773d3169b8f6e03f895d8f6dbcb3dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sass-loader-castor-prettier-stylelint-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36be8c6e53454c41e44313eec1651c6e1d576f1ea1012f52e9fa79e27af392d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in info-byte-simulate-cat-sudo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0027d2338d6014bc490d64b292626df8d2de44402c81596a7920b4d4fc8d485b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...