Malicious code in supernova-astrochemistry-webpack-supervisor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea0a97a162095a0ef04e01b4076c2c65caf6fe9f6509d012f347112f447a2040 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eslint-plugin-gacrux-wolf-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65c4c2c488bc3934c41186d1bf456e7754924dbf514664faccb83c81e00532a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188327 Malicious code in nodejs-oberon-ignite-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e482bde61fb3e85e4f0ddaf6dbd2bc2b7e66e9546b44fb6bde77934921f5482 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jovian-sass-loader-native-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 225deea9531693f6cbd7d6edd3656452b2959b26fd0b8a748ec2e08d0dbcbb98 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in singularity-bunyan-eslint-config-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2283510842946d2aa3d0b25e8270ce1e0e52b912769d3adadb85a58493c5e67c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in radioastronomy-photon-eslint-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a645989f783782e13048984e4e9fbd513842be85a2bee02ecbb304166d33afd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eslint-postcss-loader-pm2-cressida (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ec1c3484202bd2ceceb0d9cc9fd1bd478062a4ed6d75ccfeb1f473655b714b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in development-playwright-stratosphere-parcel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71e0ceb6921987d11128b3d9468cfe3777ed868bbcb9f3c382500437fb7f12f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187019 Malicious code in fork-lightyear-commitlint-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abac3d062ea3dcd3ec025e59c52c1aae54d1282809da77aa80fe4c6c4b249010 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188129 Malicious code in morgan-sass-loader-release-it-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c153eb6fd6cc614dab9d8fd43c3d5a0e5258e9ae6ddd573ad103e2a78cdf4f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188407 Malicious code in old-import-decode-table-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3318615e0691a5ff419704ab106e4bb388891cfde25ae060e932dbbe49b4332 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188609 Malicious code in pegasus-xo-charon-karma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 181224c30ecd7ac564d8ca1c19e9898a3d4893ef3135055451b9a6683c264f9b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in planetology-stratosphere-library-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eadd62ef40f3b877824eeb1b48d4aef2ca574fcb0f1eb2abe17dc8802ac3c894 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-manager-bulma-pino-pretty-hercules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94e2d2e422a2dfc3074f2db8f722b8a7a83c1486e51d381137823f71ec4a9515 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mechatronics-borealis-tardigrade-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e651931a0daf2cef9a1b2da12b3ea1df680bbe83487eb4a9897a63c3722a27ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in proxy-rain-decode-xi-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 004b97a2bfef2272a65920db91bb9ccb657976da59d63e4a71c0f18ea642a87a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in restart-warp-webdriver-mocha-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95bf93b3651fd9e5262e28a4c025dfe14338cabf906f3143dad4f1a1cf765f46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188161 Malicious code in mysql-heka-version-saturnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2111a15423e5ec2213bc83b5a7ef30ec0580c5fba728b2b7a7a02b828883b69b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190473 Malicious code in zero-daemon-small-fire-pi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0a0456658b09d6abae40aec0e7b3864570435f2c3bc449f3470354d85bff0d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186152 Malicious code in chromedriver-spica-repository-epigenetics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 644a4c64a13ccff013904a32793fb2156d58bed4a7842bf67f3e452e2a8eb050 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...