Malicious code in release-it-xo-jekyll-relay (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76602650ce2e54b45d8b369d4cbfb502416f052b5cb52458648461f6b35802db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139328 Malicious code in alphard-jupiter-yonder-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 991f0d789770d2f73f9d18deecb4714e677d7f117babb9d524dd62886c2f791a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in andromeda-puppeteer-winston-gatsby (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9da7751df8e8035a7d7a1e041dcaa9f572e67a2ba46dc6c4d55f8b77556815e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rate-limiter-mira-test-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 459e4c2087053867386e2676432667509cc728c02281ab2bf11291ecf3ce2352 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in scorpius-upgrade-spica-virgo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17ed6f3c60cb602dd42909563e4d53ff2103fab5f610611b4fabfddc2e51955b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in telesto-sirius-centaurus-carina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57249715a10addadb8754d180f52226096d2990307d50b42bc2fdde20b9efed0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in vortex-phenomic-schema-blitz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb5d533291b2ed88674d84856e3b9d0ddf9b1420895789b87beb95ea87124916 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nodejs-relay-rest-deneb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7eebe4eaebfa21765d31bb1cc219e53682e79a49f3b933f65fdcaeb12f33d106 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in winston-wasat-frontend-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af1e87b3b20c2fe6fcc2a57079c6652db190328cca043eca984aa1659c223725 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in slidev-nightwatch-uninstall-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a80829097b2716b4af04bc74ad7affacacf4db819ea009dfc6f652948ba2ad69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in venus-subscription-pino-xml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b084d77d240ddb72fc2468a96b8d733738ecf2c519fff700a0354752768c0774 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142830 Malicious code in gatsby-antares-metalsmith-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0608261a0fe9f89fd63b28a2f5ae4ea7d0bda75b02105c40feee677bf54f4ada This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147479 Malicious code in rocket-semantic-release-spectron-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 789b9c2bd6f2aea5533f70a230da1e752358a6a24ff8f6cd758000f14176de92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144980 Malicious code in mini-css-extract-plugin-meteor-capella-nconf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a2bffa9bd292d3a0b9290865876b6ebc6200573a041491ba008385a5a036a1d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145000 Malicious code in mira-altair-markdownlint-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a3a9a1d2217dc28fa56bf41ba8f7d16d0b014d78bf3de28b24e6c5a8d48a0cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hyperion-loglevel-quark-auth0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12b941f79038bbce9958ae4c4b3f47fbd6a6aa8a398a4c02a26fcab2ba71c021 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149590 Malicious code in xanadu-centaurus-scorpius-babel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f3bcd92f5223ed3455308cd868500f9582e6abe1081bf9975ab41468d08a549 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147961 Malicious code in sirius-loop-axios-hydra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81efe827f5c03793fb107aafce4247391764affcb9f2d64a7af4644870207ad6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140098 Malicious code in bootstrap-blaze-betelgeuse-magellan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fee5f7c3e2acfbe7402c84173336a1d9eb3ff7a298a28a3038a72366844dd70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148391 Malicious code in supervisor-corvus-css-loader-spinner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e717c0a7c2be48cd214be01d42a303508b2d0dbdda6904c59955d4168e4f36a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...