Malicious code in command-axios-asteroid-carina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 180631d019bab0da64cf4a5f147075f13b45f0a00baf1b63e034c9f47ebf1e78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spawn-webpack-nightwatch-slides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 318806806d481ef740dd17c622bc164b94a295e29a9282fc7c00d3951dfeaee0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189131 Malicious code in registry-relay-electron-builder-vuetify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a67c1995ab1976896034e028ee640c5ae740b13db01b79296b2487d4d3fcf022 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189360 Malicious code in saturnology-darkenergy-sadr-paleobotany (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab539e896af1b7f48ea627c96b9ffd7a622b3e04fd2e1e71d82e26080d7deadb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186413 Malicious code in csrf-thermochronology-oscillation-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23992ff1d63ebb87f14b33af1af9f888a76886aea879d7893bbf8d971fb1fa92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189946 Malicious code in toml-ethology-cordelia-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18524f8a4185f881f243daf29ab7f4540519e31f88063d8df886042a8f651320 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188423 Malicious code in omicron-thread-report-query-book (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f62ea97ed14fec7e80933898874e26a0acece68b1bc07541460b1a79ccbebcfe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185693 Malicious code in await-float-optimize-route-omicron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8e098a6f9822425661851047a431e132cc1cb8d102b241a0dd8972f13b4bd22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in redshift-nebula-cz-conventional-changelog-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf33e7a660e7f12a243bf4ae70b1401a0f4b66ec86a8c2aa5e877f46d3750826 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nextjs-tachyon-apollo-cosmos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5808e78b34136ebba63563f7cd291a9023ea14a6a89294689d6a76ff25855793 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bash-load-fast-unix-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ecbd7ca201ba821c1a484ec5b1956590a49883fb903303e7ff401bbdf9ba78c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dorado-jest-gatsby-fornax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3af9de4e8e9dafb88bdd63a361c5362004e17237ed4fcee7acb6bc660c15eecb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in boson-forever-leda-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3e04409940d60ba1bb1617b5bab2f58238f1ca510ca9c125244997903e6856b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helios-nightwatch-tethys-eridanus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89ab19a67d9571b4928642ad52ea4d92a1394cb76bd2b6e7484639bb37cf0aad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in superagent-quasar-exoplanetology-areology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d853869d6ef8c38411ec721393742c67d73caadbb634ea41152b4f4b9f1c4cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185465 Malicious code in antares-genomics-grus-planetology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35bf64f67e83bbddde486bb7b751b28499036af81c5344a6d53672bba1765624 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in alphard-gatsby-commitizen-node-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa5b5cad41900c2a1a91c718854a886f4827fa919f848f476fe11be4a3347afe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188712 Malicious code in pino-virtualreality-cluster-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0a8a39dede87555b3f9d581416f4d22169c536c9e714a58d22911815b9f289b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mira-apex-lint-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c6ef9b3af85b23ae480e1b74e397be16eca2e4c1a02bd4bc8da7f5925457757 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tunis-kjt-garfuavimas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c895549602cf17cb69115a0f80babcdc86908a8b6552d8895b933cc9b84b078 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...