Malicious code in non-blocking-miranda-gridsome-cosmicray (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78ded373441292494a43935f760ffc243265ed07283b7797b8afa7f81f2530e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in module-serialize-fire-bash-mu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a46ef2a5eeea574812f8195f6276a061db7134416045f32a5444ac99d064d53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in earth-small-scale-simulate-static (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49fb4a6ae7bf4b0905de3d73d4d9b8c46faf60e8c2e993b8f02590be8e6893e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aquarius-quark-materialize-juno (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1361235dc778d6f5cbccdd8b3c169fe0d8621f1ccbd26ff529fc2b01bae8e0cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187986 Malicious code in mesosphere-chai-hermes-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c3a859d8b89079691e1fa4081212caa22fbc584c0379ef009eee6eb1c9d5ba1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-protractor-taurus-csv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 266c9e23d1090c912eeaf40a4ae1dff191771a30ef3486e1591a591c9ae91aa6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ignite-hermes-ophiuchus-semantic-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a46d3fb402931eff7024c48a03204cb67a6ee59f55d17ca893a2a5d4973ec28a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in abiogenesis-proxima-astro-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d17178550a24192e99f40c2a9a3ba7bbd1e503c96df3ba401baff83d82ccdc48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meissa-ethology-centauri-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e6774ffcd11a4066195a9f84a607d2f890cf53790c5453023adadb6b0b46724 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tau-upsilon-function-alpha-kernel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a90193271ebae98b6977b41632875a580c5ca8ef7aaba725f10408347fa64fb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gammarayburst-neptunology-helios-kaus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1639aed73bc43db96f2914d88cdd73979fcf54d713614aede5317f2945f3d59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in subduction-phylogenetics-tachyon-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d23e85fad2795bccb4695d01f55d114917b907a7cc918c35106dd514064a39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in celeste-selenology-socketio-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3b0922b492f0634fa8fa4185e4b832fcc9ec8b78b6a8021ba713ef2be87ed22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pino-pretty-prettier-sequelize-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e3bde5720db4c2110dd2e282776b87cae97883f7ed7cd03ed524b7a0c027d9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cross-env-geochemistry-global-juno (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6e07fddec6b4d867cf834c4f7492dbf165ce6c36307b01ccff40a7cf2c89ec4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chariklo-library-public-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa536a5e403d931475f9787e1461256bb925caed3c743de48b475db4b9bb1938 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lithosphere-markdown-pdf-winston-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc6fbfe227af2797cf89ea184596ed69bc80870c57f08a1e421accae594ddd57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in callback-parallax-slides-metabolomics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d8e97f8094f87a6979742f141b60d354237a41ff9eb015264c2ebe8d9de2bb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in metalsmith-antares-barnard-yildun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 450389a4510dcbb902b1868e1dfe320565f58b8703cf3b2c809d5d1dce57c4e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postgres-on-sqlite-archaeogenetics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 742c3f14038069f04c50c352cbd97d098d6f27ab665f78f595fced9e20fb1028 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...