Malicious code in sudo-reject-mu-proxy-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71bd21ebc82601b1500c1ec0b38beaf261822f483579359312b433a31d3a139a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in docusaurus-callback-abiogenesis-mesosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42bd97b8e1ec351f3c30094833234126ca837fa785a420b0c9ef4ae12a84d81f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hologram-jekyll-radiometric-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34423c93c7a5b13e9f1e0d5bd862054c215574cb60b2d0c3c0fc097a038bc7d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biohacking-membrane-json-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eeb527aa78665f5e5cc9a4e92a1b7eb37e1816710216afb380826349014866df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in async-css-minimizer-webpack-plugin-heka-redgiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33b0f9fca81fca86a14b33c7bfac2d72987607fea039001a9568eff34c879063 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-manager-stratosphere-stratigraphy-stop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0934643185b5cbcc16307cc870692bbaf0a0c6ef0085d73916acdc478aa082fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189193 Malicious code in resolvers-auth-materialize-ionosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a77a2105b820e7a74ebe25aa5cff24fc525b061fa0dc9bb60d1675efe64168e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186315 Malicious code in coronalmassejection-terser-zooarchaeology-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f17a3906bd4a11e984c0df47d8cc68a8a7f61cd950e0a6de37029a1ce951b7f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in astrochemistry-selenium-solis-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03e4945f4be5d41b84b61b8cdf7c141ff4cbd2a35808590735d6fda40200ddd8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in float-beta-deploy-star-meta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c28ea191cc624187c918a5e511152ef7fdd4e559f69dd061a432e823a1547cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-lyra-css-minimizer-webpack-plugin-loop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f7d3d9b81812427d006a9d83aedc8ab35ae99c772c8d05c7007ddb3d17c3f8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in darkenergy-janus-firebase-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27594d376e7c3488958eef232401459e1718d977f3910af62ff4d9fc27a3551b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ganymede-meteor-equinox-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf6caf727d2ca931162dc42199e8135f7c9bc25580dc02019ae90f6876bc9655 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in adonis-prettier-stylelint-ignite-magellan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52c2dee72f106188a0ff5e17a762bbdb0c03f1132107e86b7618d5761be4e285 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleobotany-warp-less-uranology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e503cf1f4b68ac4105f21495630d3b3ab9fa830d3e32df743899bc45a7467430 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quark-dotenv-safe-run-script-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4a6e17931e4aaa6fd168c9dd241a0af9cc5a149837770053fa39c03d71da231 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lithosphere-browserify-express-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fdc8dd182e784cfc7505a87b79d3bb63e3889f3079e330bce2c95ac7d3a6778 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in subscription-nightmare-nightmare-webdriver-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a7cc33633fdcb71ad9cde74bf5f286e45a3fc893122e6cba8a51fd7ffdfec5a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188740 Malicious code in planetology-virgo-archaeometry-envconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a306eb5c4f40ca9eed5e5358af762509f337a8152ea0a8021b334ad4454ef58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186284 Malicious code in configstore-hermes-development-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c72cb9e0e5232a15d010e7bf17d17b4c82720aac90a7409eb49f7ec9eefc238 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...