Malicious code in xo-castor-frontend-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 075c29e54a9911238abd8798bbb7fef42b22c93a5a8aa1a39d9fa0bf36cc7c7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quasarjet-cluster-ionosphere-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0335cb0d12622e1f9f0076cdcad521feb0e990280876f4d6ac17052fb3f76185 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tool-callisto-betelgeuse-axios (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3014b72f48d0cdf678c671d8bba429cf7ad5630d66432049d24216676d7ba809 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ursa-eslint-config-draco-kronos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e217945f165a1f3c90399d422a9537e095a863757767e01869c147571bd5687e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-pdf-boson-magnetosphere-paleontology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c38c10cbcebe8560cdc3182baf4edfab1ae95d08ad3c9ddffdae25d5e72a4206 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mantle-mini-css-extract-plugin-singularitarianism-areology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0ff722dde20bc419da2c0fab62920ba320fada29e63e642f21743e99b42aab4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-mocha-browserify-polaris-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b640f1c673336695396387b7f094cb43add4f30d5b92b609954328f2c7d31bf8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in parcel-google-webdriverio-sails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d17b26028a44c6a611d61546ee88d844106922a582c3cdf99c42dc06f6d7f89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmicray-mechatronics-selenium-tailwindcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6da921e05e6fd360c43a4f94406b773772224e6ecdfa6457c1fea2869b6db4b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nebula-outercore-promise-lightyear (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66069e88859f70dd33e442af467828063afd118ead677224c580a78b092e7d93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in node-mu-private-new-runtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8937b05c71005082adf7bc0bad95bdc9dc7074cc69262f27f317a80070db28f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-cache-neptune-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dcced428586d5c658c6d06f02558e785120656560c9a4da656ba00cfb75734c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mira-pipe-stratigraphy-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a737e899eebfc93719ad05ec9c57d48a39e9ff003452bde12f51658c501679d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meissa-gemini-jupiter-heliophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 089faaaac3c0796dcadd5706ba9d72fecc451884fd1cf61f39081991d2cb04c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188197 Malicious code in nebula-build-auth0-mui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f64f27094bea7cf9d6b3712a3714081b3884123be343a197952c08d6ad1b940f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186760 Malicious code in entanglement-levels-leda-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e292447f2134db338338d63f8b2a16b4bc83686c388f6b6c05cd2d77c971844 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190043 Malicious code in umbriel-bootstrap-polaris-comet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c7e22f661b3b8aa6ba56ea19195787c22f7e2c718cb13c4698d74adefd90d00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187306 Malicious code in heka-mdx-kaus-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 272c8eefdcedd52dab7dc0dd7eef12e6f770658cedcd0d14ba9ec787e9ad9cb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189293 Malicious code in run-script-taphonomy-interstellarmedium-antimatter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51879f1dbe92808190dfdb4174790001ed7d379658ca47564fa784211fcb2319 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189783 Malicious code in supervisor-winston-superagent-exosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c074d6bb8981f905b8fa46ab7436103cabd9d9c9259190086e0dfb4dea7f3f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...