Malicious code in umbra-metalsmith-hermes-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efbd93e95ea1a4a643c5056c08bcede32284315366dcdf316f1b9da9df3b55c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in umbriel-indus-cache-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0041c45b1fbc9629082aa3ae49b8c69276b718ce4be4e5e9fc13dfe78a9f712e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ursa-algol-ganymede-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c303cf7884f70151ed9e6b5bf9c2c7e507450c13a216a7ce95ae230cb4f238c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-manager-dione-graphql-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c6fa48966204e7e4ec2f499960681d755ac463ce41b39eb2a6f9dc1921223fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in odin-sequelize-cordelia-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ede57c525fa64420cf83ee79e24cda9ddd78715235b24f77a61720b1a7045f52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139278 Malicious code in aldebaran-gatsby-phoenix-toml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35784680b56a34e605ce149c9cfb50e108268e0841aa302c3aea60dc7460f7dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141895 Malicious code in electron-builder-aldebaran-betelgeuse-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 549f931c6a986c413378aa543184df78de854ec169ccb0a68ffb6399b50edb49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144583 Malicious code in luna-spectron-webdriver-miranda-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93e4122b6e302ce6fed13782e4725c133775ac1f71e3474a36b3669158be714c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146187 Malicious code in phoebe-webdriver-mocha-dotenv-safe-nebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4741cab512695c1c5578f08e6536747101c2e0fff2151fbfe86c9ec962f7f78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140068 Malicious code in blitz-zenith-flare-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5457b432b98f1a1c93c0545fcb9a402ec65ced668164a76265adace81149fbe5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145863 Malicious code in optimize-css-assets-webpack-plugin-lacerta-non-blocking-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cdea074e797e07531aac19bbe4149f751c9f8ad088ce2a74553c007a9852be1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145825 Malicious code in ophiuchus-kinetic-development-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7cead306982c4e53b259b7fe60ba0baf7a14b6ea52db778371e3b45751817ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in callisto-cordelia-winston-webdriver-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21b5408d4585ed37f98fcf6fb078ab382491ab854e3e69db0c57fcc3be607c38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in element-ui-aquarius-pulsar-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e148e048a9d6ea1ef88407cb658357a67af0a8b1c711b2bd44299f67bf0772f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in buffer-oberon-dotenv-parse-variables-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 349ea019c9a2411a49ded23e230d80740483a2acad4e82584b01da47613be386 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cygnus-style-loader-sqlite-solis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb98b6dfeefb2c16b296f59869bec9e0ec675ff89d8058fa5216b656f1b1331b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cassini-repository-miranda-nightmare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9994289f1b06224486a425bfaa67a7547e6b44511dfb090b75b18603974c835 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in callisto-dotenv-passport-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b4bc932434479fa4e81f262b0c82cb63b971801af78eff50112834c003780c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in carpo-bunyan-server-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba6973f52a63181e3e68ed68ba75c24c59287e638797dd3fe7f6afe8254cc2bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cordelia-enceladus-cache-helmet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 778edb01bb85f7345c2bac7bb6151befe15e9172b50b7b58d43562cb74c2466f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...