Malicious code in daemon-function-throw-file-dog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5a73e261a4f17a185bcca6a3ab3abc503be436cc2631043966eea2b64c29a97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in scorpius-version-convict-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27986efea5940e143ef52f332a5839f8ce777e19093bd76077e52dcba452c9f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ursa-process-query-metabolomics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d9eb276d7c42a3eb8d32f6a4fd0ec8a87d3a091523a686fbe495218f0f56f05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cressida-vortex-lint-staged-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d541b72f12f4ff134a895458ff7ace3372090c5a8033ba0c1df81b2f95297a48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenobiology-electron-deneb-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95d8ef715a3d090ebad1f5c4179df9c012946cf224baf6da20e70544e333058f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in error-fast-class-visualize-new (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29ab6287114c993123a1c774b449f01bfe2dc45a5f5b310517d84dc224ebd170 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in centauri-mesosphere-deneb-solarnebula (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d7fe577b56fcae0f18e8a9da6f6515f83d22eb7cf08237af200ee4ca5977f6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supernova-miranda-ophiuchus-resonance (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eee783b24405094b625f3cc656fb7452e71114de055fbebd3c90db0063e74b2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in visualize-cache-web-float-slow (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3f7f24dadcead52f45d3b13c1e58579d94e0015bb0a26dfefe06ac153a45caa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mutation-exec-arcturus-gulp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 482caf12c32414f2e9b669998df2ea4c0f636c61aa2294ed275285eea1b96a5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quito-config-lightyear-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2774879e2c0a7ce0d979c45203cd24a0201a338f4a913577244ee6c095d46e02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190317 Malicious code in whitedwarf-fomalhaut-nodemon-pipe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 485383a1d4793fa4e99c507b8c6475dfc9bc9e56e6433a5eb09c6255405a640d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187626 Malicious code in json-miranda-karma-auth0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e21153db14daaf54497f5b3ea3e6b717421a572780efa5d938efdcb121cd30f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185732 Malicious code in bad-grep-web-private-cat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1d19046a243867da27ff2fbe8d4c548771683ae883e3ca87a73b415622faf09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185383 Malicious code in achernar-zenith-ultra-joviology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b10086bc1fa64586a64925f5ec4a2a3c346bd5e465318b0be544bd740ae44344 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189043 Malicious code in quick-decode-transpile-array-wind (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 789be1eb5319667c7103faae653520c2ac40f78ca9957e497f34f7395845b3d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187743 Malicious code in lepton-pyxis-aldebaran-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7ac111d3e6fc500ddc5ca2ab07f3063deb4b5b06109ccea86cde45a3ed2bf24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in daemon-old-mu-interpret-deserialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58dda0ab04e2ba0fa8f40b2f82ba9779c443b1f435191d835b5aa780d630f42e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-cz-conventional-changelog-link-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d527ebc303693c9f8e63921a2d125b088cde974feddcfa14b468151078a98007 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chalk-mira-procyon-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0669f795188c9df9f20c3ef0e98834b88a8aa721162b82698be48039ae152568 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...