Malicious code in apollo-dotenv-parse-variables-stratigraphy-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6b6bff1ebc61f26c983aa31d04f318f822c5eb75b154187650b15d6904971d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in await-float-optimize-route-omicron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8e098a6f9822425661851047a431e132cc1cb8d102b241a0dd8972f13b4bd22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in axios-mineralogy-pyxis-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 363a084cb89546d1716a8e50fc4400ad1e5f3cd26c06fea728164d97c956c8b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in config-dactyl-foundation-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5de4251893f8cf0b528c2444bc8aef33307f0241ae32247dcc74b1eb4c4353bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fomalhaut-restart-loglevel-forever (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2249aa4fd99b1a153ecd1845d37c0b92b17c3447a01493b2f5ef0609f04c1196 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hyperion-build-style-loader-lynx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12c2c49786a819fb2277b7d7fe04a6cc6c4ad22bad453495d8c818dd4aa2e701 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in loglevel-hyperion-bootstrap-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3637624f4dc1c51c25b26e76227b5d808fd156ab28fec3f880fab3b549f18a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mesosphere-innercore-transport-proteomics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80bb5102ce8c8e9dda9b0ada71dbcfecfeda472735d4acc10e395b1193b6af4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mock-string-simple-final-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b38d5a29590fbb31cc80dde1e3ad6cfd08ab4787dfdf5aef7c978472bb42c5d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleoclimatology-izar-coronalmassejection-webdriver-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 756842e6db0bea1f94727208f84d51be02ae8c8974ce68bffbdf1c771231d633 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pi-compress-grid-class-fast (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13a6d671c689d2c3dfcd0d0dbaee3226495d7038edcc575e8554523c622d82ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in publish-antimatter-augmentedreality-hawkingradiation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d5d6b123e34a8689a89de8c4284bac809a0af916cf5f51956e0bb8bcf35c67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sun-bad-assert-secure-protected (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d895d4b0345e91c1f17b7dcbc0cb8bd298eccd311b392650ae6fc5dc7c9258d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185446 Malicious code in altair-async-jabbah-radioastronomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 164dc0d18e8436c9b9b2d28e91de04e69468ba9603a30d5512837f595892c8d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187621 Malicious code in json-apex-bellatrix-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38231f3b23eb298808545b252b5eaffd19584dec342db9b7089bb12e652ed006 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186356 Malicious code in cosmology-schema-morgan-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ebbea8d78a833ae8f4cb8e6115ca30a7e0e39466a843e3dcb9fb00210b1fc8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188860 Malicious code in promise-interpret-cache-final-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9605759b1020adeb5ec89f5a9efb1c8e482a5658943df0515f8cd42b73f4425 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189614 Malicious code in spectron-webdriver-async-primatology-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4810ee66c68692cb4e0793f469d0d3874bbb2255c23b0dd696e904d2e43f0c2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185611 Malicious code in async-buffer-cosmiconfig-aquarius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bba737275085236d631d085f7ea2af519c6a7de3107578c0603efd3f092802a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190191 Malicious code in vuepress-mineralogy-aldebaran-taphonomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a174c9530c0b8fe98c44cdccf1bfa383d150ed11c2a1dec533c5293ae03557d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...