Malicious code in prosthetics-commitlint-astrobiology-io (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbfb4f7c503130fe491771b7258e74f8a9cad2cc0d49ebd7fa62fc8813bece12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186496 Malicious code in debug-container-zeta-load-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c066f1f70682712ef0317f6958763b00dc3f36c2f09ae739d4f22feb94c69d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187928 Malicious code in markdown-nconf-string-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8074d92510a28e3e6b1da7ca41610927761684bad1dbfcb169033072bdcd11ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188020 Malicious code in meteor-deneb-phoebe-paleoanthropology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e503587813565ccf9b93395be34e61ce05fd7b6a71e5c4f6f1bc95a90b27696 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meteor-command-warp-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8178667f4cc481bfbb71a61023a72f4c670447ad57a44be40c3aab68de2cac2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in typeorm-protractor-cryovolcano-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02a13bbeca9fad4181dd9e0e667817df4fb2bf290994f3f37757c86d5562cb2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190029 Malicious code in uglify-zeta-tree-delta-runtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c2a9aea8eab50320c779880a7b814aebf214304d7a582738f948d6c44cf0d10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in publish-prettier-stylelint-seismology-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43052a28656f175ae88ca3541de9f3932eec1054bee702e2ee6c71eec895aa73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in polaris-playwright-optimize-css-assets-webpack-plugin-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0153c2925946fa33f509a7dc20a6a22715963f52da756ce161ceb18165fd23d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stratigraphy-archaeogenetics-pino-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c8b8215edc8d75314fd70706553211c18d60e357ddd2ba33d98c9aebc7bfc32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hermes-dactyl-canopus-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62799d2b20f03765f78f7108ecd6c29ff5e28773faa479e8584065f639f569e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spawn-corvus-elektra-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e45a2d1730f87b0c7ad3fc6d33915857fcf5d83c077794051e825175b6ec7b82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189265 Malicious code in rocket-vortex-nebula-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cb509f13958f7a7b72ce609e2825f1e19061e7b2d65cce6416a6e965c065359 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185353 Malicious code in abiogenesis-airbnb-supernova-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b35d79dea66f1fdc77e0451d307bacb1912c7849f9e4094598cb136d4337f33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185617 Malicious code in async-encrypt-void-user-upsilon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7a36e99ef3a68fdfbc6ab3992a4fba166028b2c2f3e8f022aaa922e249f7eb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185820 Malicious code in bioinformatics-draco-alphard-tailwindcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4052bd94259c4d423d9eb1dbdcf88133bccfe47ef411b335737a9807279a36e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188527 Malicious code in paleomagnetism-neptune-jsonp-postgres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e00b7c4e427afdc185348daac0c7d3815042fbdb19ac15e8d7e848299230aa85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fermion-solis-wezen-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c64341b959ec7e33415d9299b117759d3127f0dc1de6b32f0137c1ad514a098 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eris-framework-lacerta-biomimicry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f17dc9f17e12f1b196ee0c36e786282dd58ca017e19208f2db374ca138e0cca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in publish-webdriverio-event-capella (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a13ec41d982e5391f4a58b51051dc7c843a88857fae8f519de3e3ae4dcd6f643 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...