Malicious code in taurus-winston-panspermia-neuromorphic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e83d2cd6b9bc072d292c08b72596bfeb053e4d083b485191205648263cf806a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nashira-betelgeuse-astrometry-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa2786725101eb80281d006fa25c4c0f3dbe25a6cc1a67c411ded90ab4425df5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in char-bundle-route-refactor-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a22631db367f870abe285498e1329436f0e2cdae19a36aab92989abb9d68daa4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in polaris-asteroid-oscillation-australis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b7a8b10557d3b8ac062dec69414470183d5bbe9cf999cfecb684e5dbac74a09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chakra-ui-test-quark-astrophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f7da34d62a5c8298da9cb0398d30b6ec22a9f5f88682ffbbef975d1fdeff375 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in weywot-prompts-nestjs-nuxtjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cedb656f95a6a50d29e7c67d508119b1851a5881daf0c66c8520b90448ef323 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in telesto-publish-oberon-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de6837a499af3bd764db78016d59ed3b3b1fe3f57a03f81847910a466b622002 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zero-daemon-small-fire-pi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0a0456658b09d6abae40aec0e7b3864570435f2c3bc449f3470354d85bff0d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tardigrade-perseus-scripts-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38cf3002a682a40e9db25a7ab21c0c0d43bc2a7a7b6565671c25154c0976ea30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in duplex-request-astrometry-titan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2651fe16dc29246ea136b5abe4b863a53fc8361641f4db128a6e69e0911519d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kastra-perseus-comet-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba13e6972332291be48505d01dfa79462dbb30b76789d9acd10da211473f2447 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in capella-yaml-innercore-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 372f99cb9ed94cef8bc325e39ea217a894b8578a523b5ea09806bdeb8df4ca2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gatsby-config-postgres-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da39a9e2fd7a04f5eb662fb6eef0160a78e4ec3832a4537c9e704e0731297736 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in short-shell-data-private-bash (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24b7316c8d5324f89c708b06b8523b6c7c30d7ecf843ecdba78f78b921ecb7ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cold-phi-cloud-cluster-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f0e9984087d6fc6265ee22bf94590da86323c7d97b5205d237579d0a5556bf1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hugo-plutology-comet-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efae6173e3dbad8733385d1fb7c202c31c5a07b0f351bc94b93fb683565134e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-webpack-plugin-mechatronics-rest-neptunology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d591555d92c42e4a868143c59d833b18854369f7c4865e3cce2a3fcf9bdfc6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186644 Malicious code in duplex-airbnb-canopus-gammarayburst (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 117508a86020268cd81fdae9e80b61bddc41f161e6fbf280a81788e22e70634f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187046 Malicious code in framework-release-it-fornax-non-blocking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41b7d00319abd576e303397fbe78c43c769e871f30b6725bd501a0203e38c58f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188163 Malicious code in mysql-local-bootes-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c64a6dec662b35954b462c22e6a5bd9d14a5452fd7ee1386da7b709d78a68442 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...