Malicious code in zephyr-barnard-troposphere-nucleosynthesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 831b922acb7d0b3bb4b811e8e897750f882451d3cf95aa508cf8093a45cb48fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in decoherence-neptune-saturnology-transport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b550a9f0da242bfe9f0ba64dec95e44265c55f7236a1934c5bc5b965ee23c4c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmos-coronalmassejection-remark-arcturus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 208a74d2761cf9eb60cec0d3b5d1fc4781bf4aa0d64bb47e029d69cc94828006 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in figures-mantle-docusaurus-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4496ad3ccf9f0ca38f59311d9b93994276b171cdc331375907b93eb90f4b00aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in assert-float-private-process-star (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 381d6b6ae92f501705369a58be23c204be60a36080085679894d2452de8eec27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in registry-ursa-prettier-plugin-markdown-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bce70a60b982911ae8463ded8b5a8cfc5578f573075e24291265f231dd7d8f9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in superposition-elara-blazar-webdriverio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e25bd7c322c1ffbeada86cd8cb350beab0fea92495645801e8baaf7b2dcf6cdb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-geoarchaeology-husky-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf0b6bfce5b812d86511042ff2d479088f8af8dd44c9845d780bf4d110c0a8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pino-loopback-private-phenomic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d7a952b174397738a23c00e9ed18756c998616228c01ba8006756c57704c905 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chalk-pulsar-native-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77f6eed59f7619414161370ad50e8f5199beaf6fbc54be33c3655d66196b94be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in steganography-yaml-quark-geochronology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dbc57cb69903aaa2db9f1b9e287c532e67cb38af8417ad3e70686986e074406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in corvus-phylogenetics-metabolomics-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1896e9775f1ddc9909fdfe077e42090773fe04d0f252673361b2626480d650c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in node-sass-nuxtjs-octans-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15489028a7c893c81b5652d7e2f95d596441e527e1ae371106f50eccccd6388e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in transform-version-sequelize-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e0b260696b6e01b16b95ea6411e5bdda668fb587ccda3c63e369cde6cd117d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in asjustmeteai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 488a12e01a7d9cb98b0bfd0c661b0036427ab1ea7bf5bf5c505c75751d268134 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187469 Malicious code in info-user-wind-book-sanitize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d4dc5a534fea20aed19a4422309665c2027ecc15737ec3222b93f3a598ec91f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188529 Malicious code in paleomagnetism-playwright-blackhole-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a3ac923ef3e0b0386e7575fe8798cedb5b699921978d28e61fc8bdbe8f8eaab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190241 Malicious code in water-cloud-public-big-user (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d49323ade98a3fb6caebbe0cc2612cdb4f4fc617e455e9031e1cb581830ed868 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187238 Malicious code in gridsome-slides-pipe-socketio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d3041ecadbfa1b9ee20c448a9f21b65c9463e9e394b9f82d5a14402dab7ac41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186759 Malicious code in entanglement-jasmine-seismology-nucleosynthesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6c9ccd83a96385818a27d8b5a66cfe8783c5d31de6b3b174068672cb1c3b5cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...