Malicious code in old-string-protected-omega-decode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94b4c6b9e02ae8116c384e78de29b120b55757d7fc40c59281afe45f6917f764 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helios-cressida-biogeochemistry-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0768619dd13d60c867707b16965714e491fc15a027c1e3dec26fee22674eabd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sails-soap-link-webdriver-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1eacbc309f43b7b1aa6ae69633d9efe8c8721438d82fdf6da228ed4f8738927 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tau-mu-good-beta-kappa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ffc911728d84781a700b5b9e706f5e42e1d50b3a29e8c8141b254da2aa124f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chalk-mui-neptune-cosmos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 136b3090f7d6b067b36297ef6ebb55a84557fb83a4e61d63cd6cefe4a117bd14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in radiant-relay-castor-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59b307eb0d461a57aa2403eb54560b300c798532f796f705a3d5c5d94c8f7322 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in backend-enif-gulp-titan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 122bef2ede3ab83f9e66df9ad3abbfc3f659d6ffed354515ec638847a8bdc732 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-pdf-draco-kuiperbelt-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 457f8521a8a18af9a89cd6741bf8aefb4c61856eadf34157ae8ec6dceeae7990 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pipe-astrophysics-astroinformatics-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6c1a63f8bc23f63c7f34c6526b949675e4cff34dd203b22a467e3952555220b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in superagent-nodejs-darkenergy-fermiparadox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73b67272242401d13795a21648e9ed851a8a41d3437ea5e83936e4c11bf21703 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eris-umbra-dotenv-scorpius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dbf7714f75abefdecf0f36cce8d8391b67049c271697d541efac035b1b66ae5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmogenic-astroinformatics-mesosphere-soap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f5567535a8c7e5a16a20da17662eb0990505e3a08147a910886879f3674c79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in config-cross-env-nova-bunyan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eec2e3c10bc0dfd078bb269217828be6878379754bbd7321847eb20ddb238aa4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in reveal-md-process-ichnology-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b3d88f3b3bcf3f3b98fe360b6e28a6e51a6c3eece1e447e88f1decbd0867a72 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in encrypt-meta-authenticate-log-string (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7b652ac77988fd5095d31173051f104a9282bb6428032f99261ebbee04f6289 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pegasus-filament-meteor-impulse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4aa9a3400f1241a8a8b6722778c946764f66a673ba27b0e9c822be836a418815 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bioinformatics-async-wezen-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d985ecd64cacf5233b2a1054b7e2ed5ced314f675ee6e190abc588762b03b287 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in array-public-code-async-decompress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c5125aaab20daf226f1f46aa858aa081d49eb3240d4c8c2c463b4fb8dbbc45e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-html-webpack-plugin-enif-ultra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed318452e4290638abbef91f54d51d2d2f0ecfc9073c4d399951524680acd6f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187020 Malicious code in fork-object-protected-data-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d731ebcdace439a4ad52b59008be2f09ab2a515b808c75fbd971d22501b85805 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...