Malicious code in nodemon-vega-umbriel-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b9d4a5c58194456c1863fd6896596e284d87a27db073c2d3776cf9a02526de3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pm2-gridsome-playwright-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f83d04880b7d838f22954c6d4978d7d43413d986bd2f4471a604b357fa97e49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in public-perseus-zenith-blitz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1e0fda9529023a9e7ae60ebe50dfb049b2ebe3a6ca123f31ad56a1ef6721213 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmos-public-warp-planckscale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aef269ae3ec3a16314758d9c600b3c87b62899a0b3acbcfade8eb9b93663658 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in commitizen-radioastronomy-steganography-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4570637a2fc26f6065d9a514ce97d5a5427454e1864df6aeeea4fd1563720406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in table-link-chi-grid-byte (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 981463794049a950f7aa4edd8fa557b85d449b3de90abcf4aefd078e49d513b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in commitizen-chromedriver-redis-polaris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e162dfda14da26869e61f46e5eca7b13630a776c65dd2d27987a580ad3e9ec34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in iota-aether-hawkingradiation-augmentedreality (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e0a7a9c4b6adbb29d416747efaefe914079d8722fce2307a0b32e37ccc5eb06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geodynamo-biosignature-crust-mongodb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aac48faffacac3c55f9d51f6e43a83abfbbda4d15a221415d5036918f1dce92e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in redis-markdownlint-meteor-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3a10cbf1ee2775582f30abe53d0ddb3e5f06c22b2b5b175c8ddc0924d2a93e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rimraf-jupiter-carpo-phylogenetics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52050453f7f9de40e6c1a5726233c5291dc493693fe69bbf213323ee6f4e3e55 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in magellan-enif-oauth-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfc4c2c8bf18364da4a637c9c2468fd55bb49f379d7c4e4155628de1d3945d79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189293 Malicious code in run-script-taphonomy-interstellarmedium-antimatter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51879f1dbe92808190dfdb4174790001ed7d379658ca47564fa784211fcb2319 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185558 Malicious code in ariel-blitz-rocket-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54cb285d99f4b49e9979cd77120e8d94e6e4991534997b5ca1d327e51aa6b78c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188527 Malicious code in paleomagnetism-neptune-jsonp-postgres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e00b7c4e427afdc185348daac0c7d3815042fbdb19ac15e8d7e848299230aa85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189711 Malicious code in subduction-phylogenetics-tachyon-tethys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d23e85fad2795bccb4695d01f55d114917b907a7cc918c35106dd514064a39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186407 Malicious code in csrf-callisto-hapi-nextjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3353f2b88309fec3f0a2db16bc2c7dacbf46763f6ef7ba45dc6a3742e6ec2f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185681 Malicious code in authorize-signal-report-omicron-decode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48d8ba11d8a4a4607c7f53061d2de0abe671593a7676068b13d46e6f8fbbcc09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189538 Malicious code in slidev-resonance-farout-baryon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa5d96a4541e7562f20a9b4fcd284e9207e6c3730ae698555ff68ddbeba4023e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188904 Malicious code in protractor-xenos-aurora-holography (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1daf88a4cdb645adc2c90267d92d9769ac690de4b4cc3f0998b550fe6bf1ff1b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...