Malicious code in passport-deimos-isostasy-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c50fc22d47ee88f31e9929566ac91e5175399fdb5f383bf0b9612abb971d1ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rollup-plugin-firebase-geochronology-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52e0281ce62a32de1725eb603807b7890d11f596aecd42507b277a31497e925c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in function-fast-error-private-orchestrate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c9981a842603cf507c7d999a60dadff6bc66540d629ab5b9de39196574c5d0c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in koa-vega-zenith-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64a04af2364592a4dbe9304c1583200538072652b566a0c4367ccac8e31b977f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightwatch-procyon-stream-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e497e4e46a9d7a57d90c0c65f94d4cbb5d2a38b38ddbc06eec016cc45c40b6e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dotenv-parse-variables-heliophysics-wasat-metalsmith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f18f0da4eb19316997c90d96ccdcd3fdbbc492bb805db52cc447d51631bb5ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188705 Malicious code in pino-pretty-kuiperbelt-vulcan-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d01b3bf19da8542bfc975fdfb7a80d55b99366b0702f190de1439f1a90fa5fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185871 Malicious code in book-data-short-index-object (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50c5c6f6d40efd3bef72387801d8203eac1923bd99c9bf12dc04fdb66c1ee20c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186084 Malicious code in chai-schema-plutology-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1af430a378f890314e0bea7438fcf10fcaf30c0fc8e9081257df836dd6841a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185645 Malicious code in augmentedreality-update-tethys-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f6354b672ba6760324643bb8562f2600be1db9f193f5b227cd63d7e8e6c3d23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in extremophile-ophiuchus-rollup-plugin-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d5814aeadd2075aafefcfdf7e08fa80138940a6d61e92b031d99103d60885e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cryonics-jest-tachyon-hydra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e3e71ab2321b00d0c7b701888c94349c5ce8a4bee2d5dd85f7edf844271d669 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in void-cassini-thermosphere-cosmicsilence (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40d4ba453816a13301206fa5ce0d185840b92860d050bfe09f03edf00a9323cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in heka-antares-vulcan-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41c307536c58204cd3b17873413e4c2936eb8555c5cc85cafc399332a5578418 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in oscillation-leda-warp-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4034a7c18a9c9766f734ef16d4eadac9e3d3574d8910068cacc02e37e741318 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in semantic-release-aether-buffer-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ef5dd537b321d8fe283fd48cc1202163ccbfdacb0405c484311db90efcf6451 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in soap-commitizen-markdown-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b53fccb69500874953f39548c3d62dcc571d4b8fb7e15d1fcad2ffb8ccf05986 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in thread-monitor-async-omicron-optimize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 061a9053ababe92204caba04969dab4473e5750eb9caadfb4089a4ccc4449c5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in firebase-ganymede-registry-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 110bf147f478aeca2501ed4ea4b9701c21692ba23560b2d3f5234b657b5b721e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hermes-browserify-alphard-greatfilter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e30708db9226924c56d46254043ab17828ef65f1ed22ce45bc6353202adddb3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...