Malicious code in prompts-capella-node-config-biomimicry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a5f5aa037e69c5712a92678019d6d286a73fa6b441140f34d4a29bfbecb25b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in await-throw-psi-simple-debug (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 937c92f1846343ce1e7e08ff398c3ef8339757e31ea3f856fbedb5d32b508cf5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nuxtjs-heka-google-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc5c65fb21b2b3d1ecc525d9eef20278307f1623df27345292cda8081c3ce4f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in archaeometry-yaml-phoebe-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 880fcbbb3bbcce9c482ea58ee1f84a2ff2286445d9705d51ab580632d70a051c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gravity-wezen-sequelize-fermion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e705d37886617b79af3e4139947f47eb9b4a67b7b11b7b5fe989694e66d8e24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in alpha-deserialize-book-upsilon-pi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f5a39be23ad3b4541742c950750bed375767d1cb58d4a9ace32946e02687e56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in integer-simulate-mu-class-permission (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2d1e3e6d31b5281338a503320c403e664e5c502d3f9b3f3bbb4a6938938b2b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in export-hot-cold-orchestrate-awk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e29679a768cff74bff87249c600a87ea07ac325f73af6665e836040a9722c178 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quark-dotenv-safe-run-script-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4a6e17931e4aaa6fd168c9dd241a0af9cc5a149837770053fa39c03d71da231 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightwatch-firebase-janus-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f114266d957185bc93c8b22586ca07de60a7351df40704e372b30ce491e652d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in extremophile-ophiuchus-rollup-plugin-subscription (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d5814aeadd2075aafefcfdf7e08fa80138940a6d61e92b031d99103d60885e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in winston-boson-publish-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5443c2030097f72cca3da1bb12aa17e11ac24d30b75d4b58b456b05ae958239 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-loader-oscillation-supervisor-stratigraphy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24c4ee8a47b6f72647c164486538c1d1765edb3e08b84f85ff8f0e12991b0634 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tachyon-asthenosphere-less-loader-dagda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f21c3181d7e1225e94cf6ec96aac89e6b7e7832996548331008eb289be9aa746 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186482 Malicious code in darkenergy-palynology-publish-terraforming (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93c5069eda2268716a6bd3f21b04e0176efd902552c133cb959b836a92adc3ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190252 Malicious code in wavefunction-prompts-webdriver-mocha-vuetify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9133d1deb74b2792ed8706555c49fa13ce1ca719f838438eaefd5622916c5386 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186640 Malicious code in draco-hermes-betelgeuse-auth0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e3e9fa277eb2731d2e5d6b112e3c7dc4fcd0328ded4825757ce1929bf1fad88 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188840 Malicious code in procyon-aurora-zenith-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ee9d82155772729a89d4891311cc4f51a4cca870e1ed4af8058e7900dfc6f7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189032 Malicious code in quasar-oauth-perseus-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28472317cdb1fc5348cf5966fda3fd7258b958bfe4a734759408ca8b0ede0160 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in superagent-loglevel-stop-rest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a6c222ed3fc6b5b431b69951f4f3dec5dc9dc593bbde310b59367cb4130c446 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...