Malicious code in webdriver-manager-deneb-nconf-outercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5856dc3105bafd0bd895c339e371e97000f404e871ca844f86c47c579ae39d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jasmine-iota-apollo-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abb148d7fe3af5383c5182391ac79de62170ac8d4404462c54639a8bc134a119 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rollup-plugin-firebase-geochronology-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52e0281ce62a32de1725eb603807b7890d11f596aecd42507b277a31497e925c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-gammarayburst-whitedwarf-archaeoastronomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b56c9b24eb32595375691f99f8c8ddc7daae29986e1c42dd18f09dcebcd5a33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zero-warn-char-class-visualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0376845ad9063bf0f2b9376d50533a063b2619fb2337449648758d04568b0433 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in static-stub-dog-epsilon-final (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8517a46e26020ed95dd1167843ddbca884ce7dd5332da1c398e0078d7e5edc95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nestjs-postcss-loader-slides-spinner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 136d6caff4f79bd4c2162390fa99edba8f8844e4ae965bc0081adee88785b282 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fusion-nextjs-iota-materialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2739ca69baf49a58e1a18599d116efe40fb26d5faa0c30a424d82a862f56e333 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hawkingradiation-backend-farout-despina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4e00a156c0cf07c9efdab34c198a6df2120800c4426e9371ec2bb80ebf0b4cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-manager-parcel-innercore-redgiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2f785d53eb57cf7662b6f998c6b059fc8dab31a64d5eb9fe8f614df352667b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in callback-dynamo-lacerta-chakra-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6d300878b315b706f8527cf43747b70cde297845c6d57fd85b3a93e8b1d283a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ganymede-meteor-equinox-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf6caf727d2ca931162dc42199e8135f7c9bc25580dc02019ae90f6876bc9655 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightwatch-procyon-stream-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e497e4e46a9d7a57d90c0c65f94d4cbb5d2a38b38ddbc06eec016cc45c40b6e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in innercore-superposition-lint-staged-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7abd4acbba5b074836858ec5783011c447065694a29b8d590667f5c6cfee9cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dotenv-parse-variables-heliophysics-wasat-metalsmith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f18f0da4eb19316997c90d96ccdcd3fdbbc492bb805db52cc447d51631bb5ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bootstrap-semantic-release-pulsar-koa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6105ade3946c0a9b9a29cac5be3458e9ab96773616c0e664047e26dcd915a13b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in array-stack-awk-emulate-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdbce20584aeefc07bff020dc5a37a22ea8e793ba0d39fe8c09d4da1bee7eb03 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rest-rocket-lint-staged-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ef1e7e65a94f55f8c73c39b479acf45fbd81630246e7be641966e7229b33c40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187447 Malicious code in impulse-sedna-sedna-cryovolcano (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e69eddaae3c39a32407655f5a4a6db2137f9f60b9ad3397f4708efc948e94aa6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188887 Malicious code in protected-table-sanitize-secure-void (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4e338052063daafd3f8c42a15cf174fb25f63b00be8905065df5cdac248357a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...