Malicious code in promise-selenium-bellatrix-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 192014beffa1439654661cdd153d050d1b59764db49ed8256a5b6630ebbe3556 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in baryon-eslint-ariel-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 061d29703953f2dc7b97effa3f9c7af300ab37b14213b9a808ac83c5a54ce6b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gemini-csv-cryonics-castor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a57321bc7da3ae1f7471aa4b2daac2201509cd922f65a18ef0992a031b983c12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in adonis-child-process-pegasus-repository (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3209c8b1de00a411a153a4f8dbe6ad93c7dd53375702b75897914da7bd3baf36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rimraf-playwright-morgan-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 605f4589e9fb73840fa4862f5d97c83687042c57fc5d073de4da60df0027fecb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in enceladus-blitz-lynx-corvus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f688df47bd13d5e692984d772ab714e6649d97ff147beeca82b55bf73f3ebde2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in proxima-dagda-tethys-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ea648e943b2437d64d35c4b74d17399f38b90f0f2dfd6e329fc14d4bd66bfd5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helmet-pegasus-non-blocking-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14468cf08644b774f382415ed7ea9da2eca47006b532d6e5389e4ad5a9f45130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in babel-baryon-magellan-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af8f1ba8a4b8c04c7a54ec5e6ee11756fffea3a57f5d01c02e9f40fac06da6f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in halley-subduction-zephyr-paleoclimatology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be6a4751fde16eaa87009873625b6b28179216a0bde52389669c39c7f0ee0d36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightwatch-abiogenesis-semantic-release-supercluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c04dce162afc7d6c59dc05512d4f23f6779a6891e85414c6a52032e9fc0c2d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in thread-monitor-async-omicron-optimize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 061a9053ababe92204caba04969dab4473e5750eb9caadfb4089a4ccc4449c5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biogeochemistry-test-express-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80da7adfdc662484fd92ec3d26801045267dac8ca72457ceb3555b61f87bbbc9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cordelia-babel-on-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 991867c5b89cb50239cb4c2cf768a904fa2112cce0f729488b115918476c467a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in norma-quantumfoam-loglevel-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21ed2698692112dfc74b6f02911353f2237a752abc9c7550f33631d1e5f59620 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cryptography-epimetheus-prettier-plugin-markdown-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e74f3563293b19e2d0093030d411190de1d0d6a99c8d37a5480f44a9cffb1b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ignite-jekyll-europa-galaxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 816aa5bd2dc7b19100deec4058a3379694413dd83819569d46871cf95c7b471f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avior-nconf-docusaurus-lint-staged (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e372bcd590d5a3c84d04776d2d75c70dbaafb5b84fc80e7175926fce4f9bb7f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189750 Malicious code in supercluster-neptune-juno-quantum-computing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7543532318ae7b6ac85841586a5d5d482e3cd78901b800e164aa8ddfe9c3493 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186409 Malicious code in csrf-eslint-config-futurology-sass-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5a957fe964ae606d4205b7b03e65f9eb9ed8a9f2e081d535bd4c9c5b04b283a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...