Malicious code in polaris-publish-vortex-jekyll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebce85812e6fc46ef9fcc86a5c7993e6c77bffb1288c327defb1b194eb04254c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in exec-dactyl-halley-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71d5efdab59b297ba7336cb8f8db4a67041c6a6b122bcb9ded3d7e05cf0aef25 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in export-resolve-theta-slow-refactor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38a82e294ea324bca472096d25a02a11bb79c13ed4c1729e7d4735c3cf05ccf2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in uranology-less-markdown-pdf-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c7bd429984bdfad6fb783aa98cdd8ab753a86703687e1e723fc3a2e3aee022d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in koa-version-scorpius-ceres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75dacef98ce0fa1a5b9c797aef9cabfffb1071bd052305809bade9065f2f7e2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eigenstate-outercore-procyon-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a484a069829c64301bbd0fbee977a1849ab0673970fe89b32d53936fca25518 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in reject-book-catch-module-short (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b8b14b5a95ce44e95fff509182c83b828055877000a05d9e7b4447abe77c430 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in optimize-css-assets-webpack-plugin-polaris-docusaurus-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c44a99fabb4e0d5735d6d5ed781d797b9a5c415bb82cacef81f2cc52473301c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rehype-janus-nebula-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b030dfe78269f05856c1d36dcfb4812704739de10c5ef8312af45bf99110f18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dog-daemon-transpile-grid-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55edca587df4a61a434055376da40b0f9a67bbb2d201adc1b4ab8833d5c309bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in csv-helmet-dione-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c13660b1e5cd8242126ed9b1d8d9e9fd3a9430c6c23281cb67541a8d90eb0873 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188147 Malicious code in multiverse-pavo-dependencies-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5bb86e4fc7d6abeeb8acfe3062856a25e160c76e9ab903a8caa83445b6660ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188416 Malicious code in omicron-bundle-file-final-warn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6cd56b17c0b82597e1e036cd7fb05112f6c2cf312bf53a0bcad543dfd985bc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190404 Malicious code in xo-halley-less-loader-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96b37dc1940687ac22f89462e574c1e94a104bb168b0c8d2da912aebf30896e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188315 Malicious code in node-sass-commitlint-lynx-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb7d81eb99a4b615630e9110e9e4e09cc3bdc9fe3ab07efd0d8b6117778b75e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190438 Malicious code in yonder-mineralogy-ablation-achernar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0650f663599df30ee3a2fc300f5a88b7bf4a1cd8203f2410bb10acf99ced98b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in apollo-ini-grunt-radiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c48d74220a2eebde40d0798cba3ab887af5402c7d0e4d32cb8683107a6650af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in table-report-book-quick-delta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e0965416c019bc00c90cf5d20dd6fdd44aab3835008f974b0a821bce7fdd611 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biomimicry-epigenetics-rimraf-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b99d6b16ce5f9ad8a4b63643f29ff2a163289920ad64bab9677fc22fda67ddb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helmet-supercluster-release-it-technosignature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c7a022452e3dc430840391ae69399409360dc46577b5416d489a22c8a8fdbe1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...