Malicious code in sudo-yaml-virtualize-encode-pi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 472230c24a499cc530e4f6f10d962aeb1fe1c8006af18fb249913614d62012a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in speleology-pipe-pino-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc12667834e75d07b49fcd90c909c4159cb87514b0d23ee6ae4ae93afb1756b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in unuk-chalk-proxima-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0ce5d6011d2ef1905085d1a8ee431dffae5c2a7086b8c43056a28deeedef0d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in command-celeste-resonance-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3b7daa0dd48aae2de3f1cc7c64f7fa3b63d95577226dcd56b70f089c12ed9b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in framework-rimraf-buffer-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fd7bd0d93981950b7dfc97b285205d98122fbf996356148515702794779a01a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-babel-spectron-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db366110319bf81bd38b78b1a2a132d41feaa685643562a2835f3887fdb2a96b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in command-dotenv-betelgeuse-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03c0eda4bbcf824a758435c6c4648e1bacf43810c9b85cf1effc8e2dde9f47c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in farout-enceladus-magellan-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f03292d746272f6367ea408c0c0087fee9c3da9085941219a55a63bf3705e7e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189295 Malicious code in run-script-zenith-mantle-blaze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c8bc15d6d61c2cf729f00787cca8ae37164f36691b012e1c17ec1cfa919423f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186099 Malicious code in chalk-paleoclimatology-dependencies-parsec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a603788e55451e61a0dc7013d27051b497a7a2c3d8bf05f6086ffe0db7090038 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190332 Malicious code in winston-html-webpack-plugin-hologram-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a9afe8f4ab2829ba5b5196f1795f383340927d445f5df8c4dafeb0d41be9b8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190422 Malicious code in yaml-cache-sails-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af495e448a44b27ba05a7124ae72a767dbc8c0ee4b614c3f1fe4155da6a49a1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188178 Malicious code in native-electron-builder-nashira-tachyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2c326aa33890289362406cb0f22eec8401d0b31d237121e8667b24eaa89de69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in carina-telesto-taurus-cladistics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41d6f0ea86b084adb8b06876f51ec67386e9c0909ef0c64ef6d102bb502980a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in multiverse-carina-boson-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76a771cf283fb9950e43b2ea7694717add47719ecac98d5e7cee380843483edf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gammarayburst-technocracy-janus-eslint-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a8fa380896847a4f64365da44abb4d4cb3d6cf76d566109c27ae8b4c3eefff7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189874 Malicious code in terser-webpack-plugin-mechatronics-rest-neptunology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d591555d92c42e4a868143c59d833b18854369f7c4865e3cce2a3fcf9bdfc6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186471 Malicious code in dagda-non-blocking-html-webpack-plugin-astrophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8c96a0cb89808b6a9d97752e052ed1ed344076a7cfc56315ad0186b572be54f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187840 Malicious code in local-lyra-cli-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3d2ccdb241affe9f7c727dc834b0d859c9f62002f7ded63cd52e753247ab990 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in phoebe-coronalmassejection-lightyear-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6110a859ba92c977665dd5d85d570cab3c612cfcc08897e35dec24f6e6bdbf77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...