Malicious code in config-ophiuchus-levels-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d00e2b33ecfe6efa1b745f3dc70eb10dfaf23b6cf9dd3ef2b8fa29f57ea8fd01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in grus-prosthetics-stream-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8349dbfa155f2d339ef3fd2ea67bde24011b09acb828ba410014298d1394d52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in concurrently-scripts-plutology-nightmare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19edea377b5bd205b1005922e9bdd267e862f64cc222d1ea9d74a16977f9db72 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in weywot-resolvers-vuepress-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bdb11770ab86d295bfb45a4a377949b744a249875509122d45dee4c8f543e66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in koa-prettier-stylelint-link-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3769d4b81521e90ec08b25681b58a9566408041fe26a44b7c1d5efaf56ff4c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in protractor-hercules-xenos-webdriverio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29d84f5886e98b783c79bf948e8dc881b642d93250a3318b5a585f4336a1d038 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in framework-bellatrix-await-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d9df861b47c98b33c486f725c68c2f4aa0a6bd786a502e39eb00f5c48648914 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in library-nebula-rest-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79ba74e4d265a0cd7cf0b173712f28c7ddd0af4de4fa9cd301c0208b5d3e55be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in phenomic-loopback-rigel-mechatronics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd2c60808f9819379866cda6ffe21efd73b974a445126a3dbefeaf8be4e60424 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189152 Malicious code in relay-dagda-sync-graviton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70e2fa9140c056d951512eeda4b917c4d77a95617f974d632aeae2f8e5465c86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185686 Malicious code in avior-gulp-sagitta-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d74a939914422a428ce54ff6c5a30cc4c419e3633552ab96d352402aa0c4b77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ora-process-config-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58331212cc0f05b5a88802d3bc412dea4831f6640dc60ac64b50a9c4de0a2432 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189876 Malicious code in terser-webpack-plugin-nucleosynthesis-hadron-taurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9369464ddb44df2eb49a987731c6b712db57570302fd3f325530a2afb053126 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188253 Malicious code in neutronstar-quark-dotenv-safe-koa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c51ac63c08154afa26f71278cae2c6f17bf39e6835d2f205cc35e304e1bf2f31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187507 Malicious code in integer-web-key-resolve-mu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94aad90f40c30ad2202a9b22aa2607757388041740bb1902fc51611a74dbef91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188857 Malicious code in promise-dynamo-umbriel-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0d543e13fe999cb16955764ff46cf6d13d18edad98b0defeebf8132fad2a279 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stratosphere-spectron-webdriver-deimos-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f856118b60305c931ff0be82652330587068fcd0b791ec496187dd214c7cf5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in coronalmassejection-holography-dorado-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5eda225e7909dd8c03021f5bc15c82e2f1af5e4e548fc4dee4dd4cb0f94fad75 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sedna-request-dysonswarm-enif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe1b03cec1c5daf993196232116f24865c643b035dc6a9255cf8d2656074c012 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ceres-augmentedreality-iota-transport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa891b4634ede31623bc0fcd42bb4d3d610a695e74ed18b4ad58f1634a9830dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...