Malicious code in deimos-koa-build-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a36c41fcb310eff78aafc5e8df244c1040a53162533a3e6f7026cd926873e7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187043 Malicious code in framework-baryon-install-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cdbb94425720ebca1c18ce11aff5f460206bbdfd2717e2116a16769b295bf508 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sync-uglify-js-rest-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab95b633e6385faa2ae97803caa076c5aa6894ce8f5a472eb6441b96ae2ea32e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wavefunction-ariel-pavo-equinox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3912a524aeee27b07cbb82ea663ed0e11889501b10f31b17df11d60deeb0c0ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in permission-eta-float-gamma-psi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e5c3e216a75b80942fcf38fe810effc04077d1c549528efa5ffad2cd9b8f8f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightmare-version-levels-mui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31a297fae66d552bead526aba85b7fe7db06f9336bc28adb7ec24729c055c79c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in morgan-readable-auriga-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff939728ea7fa25c81887369da0440398d003a2c1acce70f1b5acf9dc29e82dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nucleosynthesis-standard-pulsar-non-blocking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83cf65d391bddac395577093159b8c072f9a32c009def52db0bc36b66a431649 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bellatrix-mira-europa-commitlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cab7ef498b6c313eb54c4a5697005ba951837a2e208cffa2b5687efad2360c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cluster-wavefunction-subduction-transhumanism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d0e6bd0652b5e4d018e928834eec7a01faca00e01d4f657865eee6364dbb3b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biotechnology-corvus-phoebe-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c7d89363aa906934aa21323a9e5cbbcbac669a622cb76d058c5bc4794c9529f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cygnus-umbra-webdriver-mocha-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 314812afef770b2c68933860419ecd93f198f59bd1b7fbef389f9ff3aeb0ab01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chi-short-export-assert-execute (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b9a5aa5e0c64e003069b43ff89f71a2a040569317baf9e7ba44dbaaa4ce5f97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dynamo-leda-registry-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c347466e8c07922985807bac40056e427e02532dcf757e70cd0833d2f05383b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in holography-hercules-janus-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc0747bbcd6e1cb7fbbcd0dc7b214cd578ce9437437d5ff92c3122cd217d7f36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spinner-command-solis-taphonomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f267dbc36ff88fe19ca4064f576af5fcdb398942c5d4cfdc639f21a86ed1935 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wasat-photon-await-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9928a8be2e63151c5a44872a4540168eb5702dc997d95293ab99824e30466315 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in thread-compile-parse-decrypt-air (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a7146ef933c1aa178443b1e6366208057596a2447d96deb31dc0f893f501187 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chai-tachyon-init-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ed315af8a331086cb9308963e3aa3757b94f48135134c69ba78a509e8ac3494 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in vega-xerxes-meissa-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b63abf6534ea99f2d7edbd9fec922e534d5a525a6f21b8ba75ad9525c2a485d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...