Malicious code in emulate-sudo-query-balance-air (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40e4eec2a59cbcdf3ec68a88c1b19fbd9aeb9ce1cb89ebba9c49b3ec09e41ac1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tectonophysics-farout-cordelia-darkenergy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4bf5bcf2afab2b331136836c91d71ee1f886593553e406a307a1708222d4af10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in brane-kardashevscale-coronalmassejection-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d78059d5443582ab6158f56cc1d43c50c6eedf26fad4a962657ce841e070eee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in weywot-wasat-galaxy-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d83b4069b0753c07d3c79bfddcd91d26290f269a708d2f97e47c1fa9605c067 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in awk-node-public-interpret-cron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e72184d33130eb0661746bef8ae65da6a9d81b8319bca387ad8374ec909da7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cassini-pyxis-proxima-isostasy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ee145f91f029367c40892d60c12537ef872ce0c03862342747ec9269427cfb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dependencies-nova-meteor-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 501435bf55002173c8f7d5b4c21b3d56892072239bd53de9e1caee62f283e9cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eigenstate-auriga-module-chromedriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 939bce452be9f38f47bf7adba1f04636244fa890ff50cdd36a91f3c3e80598d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pegasus-cache-passport-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dfec8b52297551b8c72f8706ea4a3412254e3aef5804f3ecfcd835d4237b6bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in warn-function-assert-report-thread (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2102e18d30857bffef50164cf1f308985c2c481c9f5120cda1b71b90ffa038f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-manager-ethology-kastra-biotechnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4d50f3fa880cc105429f154e2bc09e5b09429538db303307688c9609ca30e2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189459 Malicious code in server-callback-css-loader-archaeoastronomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71b3bec8505261d79f060d4853518f6e4013a766f0d6093c149d679f10912456 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sanitize-new-link-code-void (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ea502fe1787665ba66414467f0d22ea7bd53a05d1a42ad35bb8974b5d525531 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in update-barnard-rigel-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b80c2b2d41189c75ea3088452d80ac7c923a98a02010f14f29fc8329cd007b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185772 Malicious code in bellatrix-prompts-webpack-paleobotany (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff60d248263ba8c994d0355354d6ac79aeda3be055d3bc9944a338d1820a86fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186198 Malicious code in cold-dog-module-notify-good (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4c83bd10b2435c6dbd483122fd890dd154abcfcc705f21736d501c33135c704 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eigenstate-electron-builder-despina-bionics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 856bb07252bfaa1fdcf360cabcdabbb8244d7be52299c195e584d92372aa55a6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in secure-big-user-unix-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58302a7110a1c0f90f3bedc311dc5eeda947f3da8ac2e2e1dd37e19aa2b0347e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in miranda-exec-meissa-terser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6aa4ae84ddda5465733272a077d844865623f79611a78353acab0d23bf825bb7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in archaeometry-rollup-plugin-astro-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dcfdaa9a4222852d826a3e0212b6a3584a79729124a8ff9ee1178222bb3de18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...