Malicious code in table-old-sun-await-decode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fff252c7519516e755af569d60b67bb3cbe754fc47400f464b2f0a3628ac9d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in solis-semantic-release-pm2-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25f3fbcd8cfd3f79b4077a30db2336a9949bd3aed84da84464d9498779874eb6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hologram-jekyll-radiometric-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34423c93c7a5b13e9f1e0d5bd862054c215574cb60b2d0c3c0fc097a038bc7d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biohacking-release-it-augmentedreality-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28e8f051057f6ad408a29ec68c9629075445fc49c9abcf12e5c34962065fea0b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hydra-markdown-pdf-resolvers-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3b797c75fdfd25ea211ed69e79105dbfa687f29b61dee7b5781593c49413254 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gridsome-procyon-karma-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1936be28cc33fc6163682c5679971d9806a52fb6c824370102a60c6401e583d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in css-minimizer-webpack-plugin-superagent-npm-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ec208a1d158e4c6d43500fa2e73288eb7c5b912b4a3684dfe6633d3d33ce166 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in protoplanetarydisk-thermochronology-zenobia-multiverse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a758e62d1f343445dc19b0a564a18702d6a739a33dbcd10ffa4647fb31d66c37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in asthenosphere-auth-andromeda-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd65aac5664169f28da94ba7b0b9b5e1ddc284c8fb135b806e87c8c47b844445 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188257 Malicious code in new-mu-sigma-float-visualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fa21d505506eff18701f8090ac5bb4a82a953082bf6a4a64fbe6fd639435403 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186699 Malicious code in electron-builder-kaus-non-blocking-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc97f9ddff3d836878325e761ded0213655d4240acbfa676ac68ebd722f29c61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188003 Malicious code in metabolomics-octans-soap-membrane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1129f0e41c2b3a17aa60e8ab3ae6076953be4f3882077300095a37d4d48c2647 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geoarchaeology-archaeogenetics-spectron-webdriver-chromedriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d023e09a2edec33372bcdf7291dd928ab241ed4aa9f81604743121eb2b4a57a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cordelia-websockets-yakutsk-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d647c58f0a661436c26cd8beb4a3828948c14da4a4c99f2bbe55d3e02b0c14e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in authenticate-array-cluster-mock-import (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad84b36cde33af206233558b2f96f5182a2836be13c44e5c3ee34f9e9e69a6a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supernova-saturnology-asteroid-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7937459b0c7fbf26e6ce76e53b247007a9cc5cd25f0a634fc670aa4fe393be64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in relay-neutrino-procyon-stratigraphy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18b46d1421bf767e864fb70e46a380881c11baaf943274c94aeff70da06d51a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in abiogenesis-cli-start-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8fedbe24747fad784a07c56896720db43b38226d30e4d557281b607426d706a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fornax-jest-ariel-spica (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feb0d79504b1094ae1204fe3e8908bc1eb45f16d9f0a89e03f7a2f7fc5a0d796 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in java-simple-void-fork-sudo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a431fd38fe81d86e10d39de2b0de5f9e1d478535958d3b4f6dd4350bb47db014 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...