Malicious code in commitlint-prosthetics-altair-magnetosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60bd81e041aa9a99e170a706cfe17847a5bb8cbbb63413017b209781241701fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in deneb-warp-nucleosynthesis-lepton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e70719cc700229a9dd67dc10f095ef7a077cd2994062c4934645d61f181e602 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eventhoriz-stratosphere-polaris-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4368f8dd780993d398046a88d6324b8930c167369b5c2e9e09a85da327a90a6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nextjs-google-transport-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c44eb151cbcb09b201958c6f74871e720931d3f659375891dfd01e8250ce544 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mui-meissa-technosignature-wasat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 088bcbd88f55c5f1b962517c38e2bd635b0e0cc2f335ed174af96324c80a3a23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-mocha-browserify-polaris-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b640f1c673336695396387b7f094cb43add4f30d5b92b609954328f2c7d31bf8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188750 Malicious code in plutology-async-firebase-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2667b86e0f97fb1eedd19856990d65bd90d58cdef8d25af11e31617b84d717d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stub-query-psi-throw-secure (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2dd7b2cc2fb20759a58721427ac3d60016983e8fa20eac2a84777eb233da97fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lint-cassini-metalsmith-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b4b2a23fb9c62a119ab9c0e8750246e8d4d015ca5b2da5e50221be5da0c3609 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in indus-farout-carpo-astrobiology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0038536bac5c13bd53dec8468ebaaef7cd5e4305c525901b01db203f61007e73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in long-nu-new-nu-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f181626cd1e58ae54d5a7e6958edad8e897a4a8cef1412d594b4d7f983ba163 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in adonis-cosmos-eslint-plugin-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f51440d13be3a94db6138efdff6d65f7d866cbf0118a7f11859f4508a808663 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in auth0-andromeda-heka-cross-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68c39f6cf6525f4014662ebdc8b1f003fa6c12eb9f5603ce6f8bb3d80ff05d4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in awk-mock-rain-enum-pi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea254d49e0c0d242e46d727e244f3f050290bdcc56d7af59a51ece0d90a9ecba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dysonswarm-loop-command-uranology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee1019e8fa74570eaa1b22a674d4869fc6cdd1fed122f53267d55d7dbaa65146 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in elara-auth-enif-prettier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f6a97085d0f95d38a45aa6b0ea2fad76374accd0dce2a52a48e7dc7b4bd9758 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in epimetheus-sagitta-cosmicweb-dactyl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90bc7aa72b27d6ff25deddb6571fb73ec8eb566c3846eddf42956cf6fb0fa976 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in final-secure-epsilon-catch-book (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17e86d24f9e0aa24c62e5e4c9ec1038d73add02f6ef91a7fcf8a98ddf0a6de0d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gatsby-upgrade-aldebaran-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73c001ab99214b4662862b263eac30593a78748adb121c5de870d37a660239fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gemini-gravity-xanadu-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ef8b0e335c02e9e3202c8e0195d3bfd55501baef7ef0af424b6b5b8eb2310c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...