Malicious code in fornax-phoebe-jabbah-xo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89ab6a4c8a169e333e9defa80910133b4b619a071f3e744ce182a3d24ec5ef6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cassini-hawkingradiation-rocket-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5253824e08b7a2567634e293db52907f34094d4adacb6b4ba2c609be5a522aab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenon-release-it-telesto-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 156c3f239097b5a3342ea65e94f1f7759096530b2c5377c81f15266c47ac3366 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sed-promise-book-sun-lambda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 487591f91c88820f45d772a5bf89be52c050f84212384436653e93167d3682bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stratigraphy-archaeogenetics-pino-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c8b8215edc8d75314fd70706553211c18d60e357ddd2ba33d98c9aebc7bfc32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in virtualreality-gatsby-brane-lynx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a69bddd80a5fc377b3fde1aa2198a277678c7183cc111897c0ec1e4b44f9f15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helmet-sagitta-saturnology-element-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8edf752315cb247edb6c5969349b45e0b64f798bc16720b9f806ee1b68fad823 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in plutology-fusion-interstellarmedium-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f35960a2e783fd708a06c72b6b350050e03cc9c26a05631b4ac3c5ded4e9e70c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in interstellarmedium-pino-bulma-darkenergy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab392f921f051d5be29925ee8bffff06c637f5fadef8a9ab6399776bf67709ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in webdriver-manager-cosmos-mongoose-got (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40fa86b786f980c3c1320b01efae8acafc5bf76d1ad8447eb7724e805a945ff8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in phi-secure-deploy-air-finally (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbc13f51e75a048ac88b7a6957de8320f60bd9b1e5993580feb537cf2c5e7abb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cryonics-blazar-nightwatch-inflation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 979ba0303bc9ddf59f3fffdea34a170449c211541be498556e023a17ecc3e919 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in abstract-wind-sed-void-chi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d5e53ae7dda852720328d7a274c948331816065494dccc96a2c29504e8b584b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in serialize-quick-alpha-book-resolve (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c3a965104bed503baf5938acd3d4dda26b3d1e3317487000bed52dba4bc6959 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in metalsmith-json-husky-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 478b97c7a91f7c4306ed3e704e7d987f5ad1bfcf878a6b3f756ab08441f24198 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186585 Malicious code in dione-cressida-schema-spectron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b81a6fe4ab37e65dddb881aa4accd68c42bbcb8ccf04f2c82979b32cb35ccae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188134 Malicious code in mu-slow-star-promise-eta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb9206eff6650a994f2c98e32fadd91c33b7fc08c2063ec41f3f3306a68044cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187937 Malicious code in markdown-relay-optimize-css-assets-webpack-plugin-neutrino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 814d9c5cb9e62fb3014607e0cc8e6b132834d0f216d57d6a055d9aba26c110d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185828 Malicious code in biosignature-enif-element-ui-biohacking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4715241285965588427f15c1ffe35a84f94a2a86f96acc208d839b45622dc284 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187674 Malicious code in kaus-atlas-aurora-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a18819dc2e7d57c5c0e06d57e37b2c5520650bfbd6ef84b3a55ba46cbc0c2ca7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...