Malicious code in tachyon-mesosphere-spinner-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0199d4ad6da5ed57f1010cac95dc16558ece4d84ae6e6c6fb857dc52e6c6370 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in neptune-sync-holography-xenobiology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d57b68e79022a7960c4c1549b9687a8d747ccc77b49e84f234d1288166c8ca72 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sync-uglify-js-rest-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab95b633e6385faa2ae97803caa076c5aa6894ce8f5a472eb6441b96ae2ea32e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185746 Malicious code in balance-quick-throw-bash-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0add969aba29a3927363cccce51320086be073ea29a996c0087d9ab4119c23d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190144 Malicious code in version-pyxis-spawn-epimetheus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7caa9461ef60c5ea68137682e034dd31e821e161089f2d21e63422f8d9889d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in plutology-async-firebase-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2667b86e0f97fb1eedd19856990d65bd90d58cdef8d25af11e31617b84d717d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in standard-parallax-chalk-hologram (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e2934ac6320277e5063462e270834c731ea4b0adca554a815fc2fb2716df7b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wasat-foundation-webdriverio-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efd9a86d6be17cbc44f9dae6883bbba2e3a38738aaf80a503bc35aa86bebe5a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xanthus-websockets-helios-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6f219d623b83cc1ca2712663a18695e219e82344813cf2e184bdb096c2ed1a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188149 Malicious code in multiverse-terser-webpack-plugin-vulcan-redgiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3baa1735030fec28c869f9415dedd3770acbed82aa70c4034145b69388e3ca53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pegasus-shelljs-public-seismology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ae9566848e412c6cc8a435d2ac7d35ae39ce37d5248e08dc3c2d201708995b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cron-tree-query-unix-report (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f34a183643dd8952a10e6cfa7eadbc3debad2f90787679d22a85f961c815e5d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cluster-norma-solarnebula-outercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 310edc185150396d4084de6f1966060af47049a0250c939ebd7dfe2899c1f291 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-wolf-barnard-geckodriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 087da970166c0f101f1d299c7a994960afe6bf59968564c9c7b8f32b29c733d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in package-eventhoriz-gammarayburst-parsec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be04f1c66dbc50675b3c662cb03f969dce4e3ba82f68939b2b1971c8c1fd86ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dotenv-parse-variables-astrobiology-readable-magellan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 465b6023a0ca0bca6df82d4e7fea4d734021c77c8d00b4a7e90ddac9a6e59305 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186371 Malicious code in cressida-vortex-lint-staged-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d541b72f12f4ff134a895458ff7ace3372090c5a8033ba0c1df81b2f95297a48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189155 Malicious code in relay-halley-ophiuchus-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb396d85d513ea55033743e3e16569ef6ba440da167e3113d6d3ddce6e2d6372 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190074 Malicious code in update-barnard-rigel-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b80c2b2d41189c75ea3088452d80ac7c923a98a02010f14f29fc8329cd007b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190388 Malicious code in xerxes-paleontology-dorado-pavo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bbe070d105e81ca92bdfca6f8bf4a4d5c2018fbbcff99c7a74f916951732f5b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...