Malicious code in ceres-petrology-callisto-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ef236e8eb1b727325a3aa33594675cd45f7056b4eeb66de2ec6f4c3717e7eb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helmet-neutronstar-xo-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 581f8b3bbe8d1d6d256b170ebe95f9b25932b9f70d22809d6886514f5a2936a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in event-miranda-rest-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acccf89c905da91626d03d95cb26599e6d673600757370009e4ae8d8b0962900 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in async-dotenv-pino-pretty-odin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c3d4a572f76bbbe274534a67699ee258acbbf21283e21f9c8957d006040376a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in install-fork-mdx-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0174957ecf55bf2c99b8268ba710d14ed3780b9f42212194dd0dd97544865f95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gatsby-config-postgres-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da39a9e2fd7a04f5eb662fb6eef0160a78e4ec3832a4537c9e704e0731297736 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in materialize-cache-neptune-cosmogenic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85ce0c130492aae3151f1a9569559e73ddc5670f78a3a142e9f6824e03610e1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cluster-wavefunction-subduction-transhumanism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d0e6bd0652b5e4d018e928834eec7a01faca00e01d4f657865eee6364dbb3b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190166 Malicious code in virtualreality-biotechnology-standard-chakra-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74613aae956535bdadb8769f8d54326831d730205494e04dc613a70612dada1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in oscillation-readable-supernova-karma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b51ba16ddec20c5fa98e0be10274cb14d7ed4c223f9f5a94cd339d2118dff1d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in shell-omicron-dog-bash-simple (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9773541d5d024eb6ba320252005f48715f06580b91dc6b9da8e16df177b7266 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in equinox-passport-janus-websockets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3f11b68e3638d03fabface74d4eade1bc5f8df93eab7c0a224d47b29af1d9d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in protected-cat-mu-file-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0ad50d17aa268315c0b7f98ea661a6506e5a7318ca7cce5dbecab5d55514a17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenon-proxima-whitedwarf-jsonp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b8a57d1e9a393d211b58a86fd5f7c5e3a2c390cfb91db8a41ee8f156a303465 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in configstore-quark-sync-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30c3b67083ef101f23672989003756131308861e71de005811d2edde2b5f3f8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ganymede-palynology-proxima-robotics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 543e63880d502f59f3d0b14c0fc789ac361fa84e5f73d03802527eb7c0a98c2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in algol-aldebaran-cressida-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3b60a5310d40da64667cf3c540ac5e0f72654d8b7b2fd03a830545547d126ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleontology-acamar-steganography-commitlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9d1ccb96d7ec2f9626a93f33572ff27aa51718c6e0e1f4bffd1f94f89e753c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cli-cordelia-chalk-redgiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a90893c3d7e4d4fa1c3626b55b27eb9e39f5ec83bb10dea8c99465c4493b68b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hapi-dynamo-archaeoastronomy-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54da22c800be5c89bf0fdeb32b9a7a594ca11b7090f7e046112643b481591db4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...