Malicious code in tachyon-mesosphere-spinner-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0199d4ad6da5ed57f1010cac95dc16558ece4d84ae6e6c6fb857dc52e6c6370 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sedna-nova-readable-levels (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 519472d81a3bae325559686848d27604cacef6d3088adabf65c3453988faa0cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lambda-daemon-cron-delta-link (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14fb54f754c0ebae3c47333aeee6383f8571f97acc80cc251881087f1353d280 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quark-photon-eris-speleology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3bc318af39702e1bd1c0c1bfdd4e4af1ab27c81c777b6853f7a5acfffbb10e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189385 Malicious code in scripts-duplex-innercore-mongoose (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 795b605e61cc15d48e6db76692728e9b0cf00f022d125f102ddb7cde83246cb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188772 Malicious code in polaris-winston-cryonics-palynology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e5e7d42f185ed3a6589e791dac133bceb2f0d294c95c473ef0661645b658ff8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in uranology-development-nucleosynthesis-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d219832a5615266d6c144d590d3bc3db842fedcc2489b20a40c23603c3d7e2bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pegasus-resolvers-leda-mechatronics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d7ee621db29267361daf2de5c6753f45be5ac273e82412dc7ce548125410862 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rollup-plugin-optimize-css-assets-webpack-plugin-bootes-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a22361096be70425abad1a7efd5cf9876ee3807f16a6b9935376c78fcf0a8d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sedna-shelljs-tailwindcss-photon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a5705ab9dcb1d6154f909da22e40f7e97327537bc2e24903cc8ad7a9269aaa1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ganymede-flare-aurora-membrane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0243563bbd76210b34b5e68a36b4784afe93fd2191c332071ac47dab89494808 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in materialize-pegasus-typeorm-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4649dbfdc9a442b1e02107e4830d914cd52129b12965f257c943f89497050c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186162 Malicious code in cli-aldebaran-geodynamo-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c946278b1818415c17fe6f89c3436056cb57fe062c7a16cfab1f2a58b9db68c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190346 Malicious code in writable-jovian-pino-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19f4b238352d52b2cea590b0446ad3e308f8dced4b1490cf8e439993646c0a9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186145 Malicious code in child-process-loglevel-elektra-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04f1f20ab80f61e2c11b6e61e7bd034a3429aa7f420a51e4919dc9442576a50b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186673 Malicious code in easy-parse-async-xi-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dd6435fb32b846e888bf4ec073cb1121ac3787e29184213f76f831bbf3095c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185772 Malicious code in bellatrix-prompts-webpack-paleobotany (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff60d248263ba8c994d0355354d6ac79aeda3be055d3bc9944a338d1820a86fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in octans-yakutsk-dotenv-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d751656f2ac7efe86e47c25583f93d9ae1536daffdceaf849d3483681ba1dcc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geckodriver-sedna-private-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f149ce6b2c65b1e81703ed90bcf4bee777daebc79a1605415ce1b09fb9deb74b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in seismology-fornax-frontend-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 848aab6876b012ec2133173e8cad4463aa92d465bc85e151ff8357c7ec635ae4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...