Malicious code in scale-parse-await-book-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faf23bd6ac11aee950532e019d12d27aef2b746a2fcd39db0eafe766558432d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in thread-link-code-stack-old (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0332ea06ac8e14a11d6373d745a8c9acfba7cf0627fbf54277743d4d2dcd8414 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in levels-eris-ora-hydra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 396eb7d9acfb07e0b4d45bf71b3a83fb17f984b821fe561d455530ef55d0f946 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in install-geckodriver-blueshift-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2240b015dcaf28ec92b8a7042872a396aca384419b7482b994f0efd2493d68b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-pdf-draco-kuiperbelt-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 457f8521a8a18af9a89cd6741bf8aefb4c61856eadf34157ae8ec6dceeae7990 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmochemistry-lynx-ceres-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74ab9a101e57e01b17e4c0f19e62265f783a7a29c6f149b9b13a5069caff247f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in holography-antares-enif-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc8649af4f582c4122138a6cc2191c5208ae130c40e0a81317dfb3433f22d4eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-relay-optimize-css-assets-webpack-plugin-neutrino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 814d9c5cb9e62fb3014607e0cc8e6b132834d0f216d57d6a055d9aba26c110d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biogeochemistry-xenos-nashira-petrology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f82fe21385e7e511f088a5163fdd58d197f1dfb485a1f949ee04b4b14cd53d4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aether-tachyon-geochronology-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97c5712385fa129477281e98cbc714546f1b33bda214810ca0805130a57eb58d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in brane-nashira-cluster-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d95958810256e12bc1d81c9af029c889a3b720ed25cf4abef9c6a636340b635b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gulp-cluster-hermes-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b75be2e9a1f4408daffb548607099533dca2e521294c032121214e57670fec67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bioinformatics-async-wezen-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d985ecd64cacf5233b2a1054b7e2ed5ced314f675ee6e190abc588762b03b287 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189107 Malicious code in redis-browserify-nuxtjs-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 711d716900670192f72189f880361a7e02ddd5ee99dcbecd1465b28f95bee624 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in process-callisto-superagent-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b89bfed12b339906f993ccf93fe8a767aa4c8e542c6cd156df2e24604d5872d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in superagent-singularity-singularitarianism-vega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cbdaa1d54bbc61f1ea74857628bad1ed29b040508630d98c1a955535b5c8217 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-webpack-plugin-rollup-plugin-cybernetics-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6b7843b7f7891a049059218853ee6c6a14322926fe06a83bd6cb691a16048b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in weywot-wezen-bootes-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95af838a5409ad46c803f49911e5142c4505a584392775561fc0e5b1eb266f01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rate-limiter-callback-nebula-electron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53651fac56158fb1f188c86d46208153a283a6a4bc8f891f849d0f667396b922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mongoose-wolf-deimos-forever (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 278e4a12ef49eb23953dc1bea73ef37ad5b5174a325aaebbabb2faba7c8c204b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...