Malicious code in ignite-cosmicray-accretion-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6898aafe008e3c13932d7554f16b7c52bff08415b7ba39795af33e4b574c3c6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in draco-terser-webpack-plugin-hermes-corvus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cfc47154389db6b336180cea32210fc4d2ad1ab645c023aa1af51c7d31900f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in miranda-cosmos-resonance-loopback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c95e97f651188e953913cd0aa5f218e99332b565f20b2a3260e5b791bee3db7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in exec-local-mongoose-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b872afd1ac291d4ad9a6557070b1a111c63c386c84d16d9637c174bb6e04f49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lepton-async-archaeogenetics-exoplanet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f676584cd19d58d3daad93d526fe717b85cbea7fc7cfdbdf085a8c6a7d81fef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in publish-antimatter-augmentedreality-hawkingradiation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d5d6b123e34a8689a89de8c4284bac809a0af916cf5f51956e0bb8bcf35c67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186302 Malicious code in convict-writable-webpack-cosmogenic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d97564ab9fc4db43f4230b9d93ccc412d62ff1b73b25e6ee7eeca8c3f4298df7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187785 Malicious code in lightyear-cors-quasar-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 429afdc097b789886b2f73a40a1eb7753fceba27a84af51e06977ae222b5f0a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188131 Malicious code in mu-dog-proxy-decode-unix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88cdfbf38d06291aae96e832f05b29f00cfd35589943f585837dc348ec6b1fce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in izar-string-command-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dbcaeebf03806cb0ef5c609388515b241112b004e88e71aeee348b374f64a76 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in liobc-ug-afayafuycig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b0a6acdacd00e92ac314d37f5f4767ad48afbc0d5b961565bdb68c7cf4c5ae2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185009 Malicious code in sonic-koig-tm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b70c5ad40f6211c37a16a7fee970f99a23120a6a4fd485a805f88d1187177ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in one-kat-iba (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42b5eac24d2aee8b44265d09f9d7f11f8f1805b163da90783cc65d2d54e1891c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mok-luni-huojakiavuggijim (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bebae8d231bdab2d563d6ecc7ab40bbb8c42b5379279479fd96303d266e411f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in poliaoz-aiko-akuivavaun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 298efb2cb6a22024efaf6d93defbca17322257291c0bfb50e6f1c92240ef66b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in modiov-khan-avcafivaivd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b747cfa4a60df02b4145084426c9e292df3db80b6909d789245e6ed309ec0604 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mitali-don-olikiakbuamua (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a53af0bec88534ce6d812d57f3aeb76ef733d5c7584f5adef8f0693c895aea73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185124 Malicious code in sonic-kulig-tgacedadopav (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e29a26b3e252146ebac0149cfafd1e7982c324db07293d294dc0fb873f45a2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-184389 Malicious code in modiov-kihoan-afmcauncxabtr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ec5f641ac3220ee5b14fd7f47c1b19653e8e7fda106f905abcccf0edc3b3d0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in baso100 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34304c8686d8af42177beae58bbba859163889c7c94d57fe722bbc9ce2be52d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...