Malicious code in canopus-odin-scorpius-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddbac68d4f0a154017bcea876cdc1a0d580ceef45d587eea1cead61d4448378d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in index-short-java-phi-virtualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40e263ba680a09fbfa7fa23f8bee80092a3b81959c15f1cd633d5a32f174fd41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleontology-mensa-altair-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77a633c6b86cac2930385f3eebdca63ae10a81cf8d77661d33d82855cd92e570 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cygnus-tool-update-xenos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6dda9b734db336089ca3b7e1b189859e059a4a50e2263aa85436870537b513 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-izar-dagda-nightmare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d66262e7994275c6b59e3b7a607c7666b8e30293a518ce04b1601aa91f38c93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in polaris-winston-cryonics-palynology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e5e7d42f185ed3a6589e791dac133bceb2f0d294c95c473ef0661645b658ff8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hawkingradiation-xenobiology-prettier-stylelint-buffer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9467bbf49110ce9e0db5ccf540251049d6d665866b40a6c8b080d68ca13ff66b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in electron-builder-lint-typeorm-bulma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7e5beb67118d8fdaa1e144cb2556d1c7eb507b684f06c0a99770132a862715b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in holography-development-nightmare-uranology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a7391f770354c996f96ff917c11fa4926f5234d5852422d6f39e359d9aa7a89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in triton-subduction-darkenergy-boson (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ded23c9e0124c562aa6da9484bbf4806d7866cad1d4d49fc62d109bf56d9f83d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mock-sandbox-private-stub-view (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b278ec81aa032c216582a6a7be827213f777087cf4b2e0c8d2537c5889bbe8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in registry-ursa-prettier-plugin-markdown-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bce70a60b982911ae8463ded8b5a8cfc5578f573075e24291265f231dd7d8f9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tree-psi-air-moon-air (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83074f704eb4e4519a481ac7f001147d60931915820fa8b068b512c76f180ed4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in figures-middleware-proxima-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cbf4552596ae5fa6dd65d248b8c6308deae5517bbecc016d04d16fde823a4e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185471 Malicious code in antares-parallax-publish-innercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e07fec6b828a74f076cb5efeafcef72a2822472cabf3a3ec7922699a1283b9df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187139 Malicious code in gemini-hydrogeology-panspermia-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05c40c172857580cc93044c60ee5d17491d6289b26917933d9371df9d2b794e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187312 Malicious code in heliophysics-blackhole-ganymede-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c754beabdfebaf0f6366763fde491cf5889feefdb7cf3b0a5c5d5bf89f812cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186433 Malicious code in csv-puppeteer-phoenix-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 374bf3eeca6aa7f97f05cedd4268ceca21f16e8c36c450cb4fa2c17ac2ffd1ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185386 Malicious code in adonis-cosmos-eslint-plugin-izar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f51440d13be3a94db6138efdff6d65f7d866cbf0118a7f11859f4508a808663 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190339 Malicious code in winston-polaris-rollup-despina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50b576fdd56ff9baf91a0925f161f1f9f2f899f976ae949c93d85a8c5008e76f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...