Malicious code in lambda-transpile-gamma-omicron-resolve (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f99f0348d7e173dc7912d39e05ba519748d07e0d15a2ed0eb9e7b1a0fef1428 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wavefunction-crust-interstellarmedium-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04a6fbe9eb989b7506f8400b8bd89e2de56b6b7b55bbda804bf9120b204df0e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in callisto-hyperion-dactyl-equinox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94f5fbb4310291c69ae8f62db97f4ea9145c9fcda4341d9b4daa0178186b0d4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in resonance-middleware-octans-graviton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9970ca8ef6e7f17379376bad34acd43e416abc3403acca977d152258ab4811af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-izar-dagda-nightmare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d66262e7994275c6b59e3b7a607c7666b8e30293a518ce04b1601aa91f38c93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in async-lynx-lithosphere-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43ec24e13dc5676cd39326afe618afe0b9e4435ea88c7c601c8b2053d26a6c81 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in radioastronomy-photon-eslint-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a645989f783782e13048984e4e9fbd513842be85a2bee02ecbb304166d33afd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cypress-geckodriver-vulcan-metalsmith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a8e7b3c4e75f8542f11b8a92dfb8c43d2878628b0adecc1a5af688a49451c60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bunyan-callback-pipe-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6c6a30fabd9762255234275520307cd432fbd98a02b188eba9e94d2334be6b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nconf-zenobia-antimatter-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b18bb89360c0342d090cbdb5fad1f11ef5a29f77b43b652798932cb81d9a0a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cold-hot-beta-log-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9a7f8a4e041fa30770c77c28ed0ed77e8a0b512d546aac9d12dff4a25c02072 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biotechnology-testcafe-cygnus-auriga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2756c79805bc9cf70d1ae96a1a009309dc842d56437d620e90834924c1731c81 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cryptography-cross-env-google-yildun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 919e037d7178bbdc5cbd024f17c6cf5bb23091ba301945f2431560076af9bd8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pavo-colors-taurus-eslint-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4822eb2e312a8df244e9a3d06ff9c91bcb9d9f9cf6fdc56dedac94c979d42c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quasarjet-cluster-ionosphere-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0335cb0d12622e1f9f0076cdcad521feb0e990280876f4d6ac17052fb3f76185 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in public-bundle-class-iota-thread (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03445ba8a939ca18bdd9df7c6eece70c41c352ef40c472e0eb55792092510cd0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176487

Malicious code in scripts-jabbah-apollo-phenomic npm...

Malicious code in xo-helios-child-process-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6abf116ef5bd6a77aedf9bcc2b5428a4945e26fbf2e8c0d79a0fccebb457771 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ultra-karma-nuxtjs-nanotechnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9986c3e4f9445f6550a96d97a386afd87a83daa5b777169bad5204750216e68 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pino-remark-string-nestjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b520b204c8e7e77fc6e865fa0a5e72c01b32ad12f2d2d9390bd494ecaf08551 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...