Malicious code in node-sass-nashira-xerxes-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aac38fa2821b6fdc88b06b5e178d5ebd9e620d2b13fb68a8d89bb70c1efd4cb1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in centauri-leda-playwright-cygnus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7671ad2b6e8453e44752aa7977970a925b638a23e89cc48acf0f5ed0d5abd921 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188386 Malicious code in octans-buffer-commitlint-config-angular-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47310359866ad1e902cf5ea4d54ed1da4c69f3abbcdb2e4423b5f5b5984e09c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190373 Malicious code in xenon-prettier-plugin-markdown-csv-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c713706c18d49eb384bd0bbed325910100ac359c57dd42b07ef52f54605e1685 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chalk-mira-procyon-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0669f795188c9df9f20c3ef0e98834b88a8aa721162b82698be48039ae152568 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188638 Malicious code in perturbation-blaze-singularity-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71d94ee357e591d02062c95c64888251cbd977c18af9279759332c2d7380f162 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189421 Malicious code in sedna-telesto-webpack-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dc3a8b377d064eec4fc94c2c9bb78ddb6977bd0cce2e213300540e3d06c6e32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187582 Malicious code in janus-repository-acamar-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c352b7dc2bdb562f75a203a60a62f9bd3e23618797491c44e1f3d6593927eae2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eslint-config-nebula-magnetosphere-vuetify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81e6dda4e6b8dd0db13ce9bb06eded94758780774f45b2f7146e5518fcfcc8cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in procyon-lacerta-wezen-geochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e26ccccbebf40e22475b60ac38b6b4c904884e79c9c8149cc4ebdd18b7f3c58c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in native-rollup-plugin-sagitta-tectonophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00d49cf4e544253b65eeab4ed53118e7a101dca71f9c8857859e37df800820da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in transpile-new-cache-iota-quick (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c5f768de28debbd6b75b7ca7af27a0d76a8d2e252a57dd227893aeb559ff981 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in koa-eslint-plugin-corvus-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9921124b23b8c3333632e1a5ad8852823bbc42e2f37bc4ab4272265763d84cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in typeorm-kuiperbelt-miranda-tachyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cec24c5ca0521ea9c00f2358b3fe70121647e459666b4b63da967a70a180982f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in comet-auth-html-webpack-plugin-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f5b037c3a10e0eb5d63054a411dd6a2daeb791121c669593b5602687a52454b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in transhumanism-mesosphere-sirius-tectonophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b99f3f6f03493f0fd853fba2b0f358f5dc1eabd1c5fedf1fa998d64441362366 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188447 Malicious code in ophiuchus-yonder-magellan-remark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c09c161d13a9317bce131ea8b042245be5a5099a41b500fb7888eaf18d11e708 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-sublimation-sagitta-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83e2a7905411fa3c3c282e84c3043f3fc0041b82e10ccfc9e96809d81d82757e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185639 Malicious code in atlas-ophiuchus-palynology-bunyan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9199776326ba6ad1fb449283394108e2cfe8a046a1fd232be90dc0ff164706a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186654 Malicious code in dynamo-mini-css-extract-plugin-cosmicsilence-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce8e478555161d23346f7ff922f8c5628d28d7fb3aafb9004466f99613fec9ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...