Malicious code in docusaurus-mdx-ionosphere-fermiparadox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26631d15ade64fb563253b7b5ed0e60a649adbece8aa582a4b8871615e46b3fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in html-webpack-plugin-vega-atlas-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72fd14fbfa7df3518df196ac7331d4c07644a19e457f73f31be91ee9ab01ce42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meteor-meissa-airbnb-outercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f90614fd54ad4b93ad60971086709bbd736fc4d959596cc79df4ddb78e672937 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in io-publish-antd-outercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cedc22f8cbf0d9e9183bba0c8556e601ef32acc19e25350db1825e97f8f54539 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in oscillation-readable-supernova-karma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b51ba16ddec20c5fa98e0be10274cb14d7ed4c223f9f5a94cd339d2118dff1d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in envconfig-apollo-dependencies-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc6efee11ebc8382fbece0fc1803392ff0837ae4af2341841d4b417793e252fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187434 Malicious code in import-debug-compress-byte-long (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ddbf7d87c43bede607efa42308f8dc04a23e0da9d2a8b4f38190d92b71d8080 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187957 Malicious code in mechatronics-arcturus-puppeteer-capella (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e1eaa9f69cc53c02498bf1eed85f24aed05f14f42b3aebd1070fcefaea74066 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189269 Malicious code in rollup-plugin-chai-soap-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 961e8a7cfffd287292e217d76e3379b062907280f409cf0ea9836155a60343e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186298 Malicious code in convict-quantum-hermes-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cf996ad2856885b1746d8ad7f02dbbaf7e4d0f0ead39b1688e7e449f4a6c576 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189169 Malicious code in remark-barnard-commitlint-loop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78fbc8f80c4eaa1b4e6c6d18faaabd90528b2cd1b8a5e7b7f6333164c23b83cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in astrometry-postcss-loader-mineralogy-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca444498c36427713db81e6375390896a4f50a84c54ef6a52a73cad76ca35971 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in singularity-bunyan-eslint-config-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2283510842946d2aa3d0b25e8270ce1e0e52b912769d3adadb85a58493c5e67c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quantum-pegasus-winston-blitz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67fb1c058e5116640414a75f741d609712e320816ee67dfe77952386a9db1222 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189122 Malicious code in refactor-signal-float-code-char (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63bd76bf641eda520b1b2a0dbe0a1b53f6b4fc54d58d3d0fd0530f99af1f492b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187379 Malicious code in html-webpack-plugin-version-vulcan-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dde5432372bf813eb46eb9929fc1e8fbcf613a4f116a4677f9fa73a2800edb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189680 Malicious code in stratosphere-speleology-rollup-plugin-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0070903b281cd33d856ab30b6eb2f06f5f37806f5672eae32b0dbe0e003d1158 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cybernetics-uninstall-kinetic-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fd243fd996cc5cede18fa41a190ce43db1a1382253115fc0452cbb75f55c36b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sass-loader-canopus-mesosphere-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfd6bbcda59d091061be1dc396ddc1689c6765b89ec42a4abe98eb51e16a4fdb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mu-dog-proxy-decode-unix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88cdfbf38d06291aae96e832f05b29f00cfd35589943f585837dc348ec6b1fce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...