Malicious code in spawn-apollo-envconfig-jabbah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7581617c1f3dee8f77877ca1efa376a3bccbff72945c680780c545962c3ea85e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spawn-figures-async-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56662d4f8f23678a960291b8d19f3aa545e75a2346fcb87bce99a7c591855648 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spawn-gemini-mongoose-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 538449fd0956eee408cef5ac551636c4e3e51f952b988445fc27d61f1cf38fca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spawn-mira-canopus-optimize-css-assets-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ace4fe78c64c1ed51a7b328defee8c4e6ccda84767ed61f7599ccd715445ee2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spawn-tool-concurrently-umbra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ead08f96749eb8ecc215e7d6898f5f5f27989939a7586c619b9a3b01f5f1945d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spawn-wasat-kronos-child-process (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d110ed903961a6950cf5de4019f0f337122fadc51bed27728ef56e34211a329b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sqlite-spawn-ultra-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3be06e9b3e8c2658261f00ccc757cc103e2be3f4c5ae7c655f5dd153755439ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in upgrade-spawn-server-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a6ae84aa5b7fe85307aa839241cc7ad1bc03413134bad3133d229dd5cb63412 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ursa-spawn-writable-acamar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98529c833cbb87e017a27e085a759a2b5c2daa8f6c81183a5d835f87821f4d84 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in vortex-norma-spawn-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d9871526da17ffbeb1990534998c1ea3e9b0812ae4bbd2867c1b095eabba085 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148098 Malicious code in spawn-io-cosmiconfig-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9e6b201351a9a51dd4418072852271e69f95ab27e86b442ea8598d9ae40f2b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148097 Malicious code in spawn-gemini-mongoose-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 538449fd0956eee408cef5ac551636c4e3e51f952b988445fc27d61f1cf38fca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145141 Malicious code in mongodb-spawn-ursa-jasmine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0aac006721f2dd7978db07e64591af28893d16f07f61a47b2d7eac7fb0fed7fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147978 Malicious code in sirius-spawn-chromedriver-ini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dc5d124420e86b1c5400344bb1baaefbf2c44048bd0b668422e414bac3499a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139574 Malicious code in arcturus-nightwatch-spawn-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c280417853cf4fa3ede78d1dbb013a5560315f5f5d0530853f868a8b13e1d81 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140941 Malicious code in commitizen-spawn-csv-auriga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 216aa139732e8f8ebbeb9efa1d382e08a1049395c2a03bbfb6ae1873421a9b11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in await-spawn-galaxy-spica (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b43b63aa9b116de12f98fe72753cafc805de0801861e451fb794650f62b8952 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145799 Malicious code in odin-mira-spawn-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53aa37a11a06e592a83031a43a7cd565dfb52011bdb1eddb5c685681580c515f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144120 Malicious code in karma-spawn-webpack-yonder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3ad02d4f568f1f8a2b8334848d681a29dba0cdb833d11bd39f564c54fbe6bce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148095 Malicious code in spawn-dotenv-dactyl-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f490cc453d04177823dab83ad611cac695ca9f8cc9c9eae7d0899a7ee3faf125 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...