Malicious code in subscription-interstellarmedium-toml-neuromorphic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94870bef41024d316470dd53ab7a4f20aa757f5e14a2b389f9389b45f02c0f32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nebula-fomalhaut-auriga-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7100d241d71061cfad199022166d5a46f9a2ac290b4e0fa6b68327aecdd9f1c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187949 Malicious code in mdx-callisto-multiverse-achernar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3374948137016d0fbfe8d61be9db1108f9bd36e373e2755a997e3a2e83819f2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185901 Malicious code in boson-forever-leda-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3e04409940d60ba1bb1617b5bab2f58238f1ca510ca9c125244997903e6856b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187417 Malicious code in hyperion-sails-accretion-multiverse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 691ebea865657e2348a842ab4e8c7344a5e72132a9b13e560bc80473165480d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188594 Malicious code in pegasus-filament-meteor-impulse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4aa9a3400f1241a8a8b6722778c946764f66a673ba27b0e9c822be836a418815 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perturbation-nextjs-singularity-gravitationalwave (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b165730c41881b44c233e780d2b9bde16b2fa49b0f012d8c28a06092c15347d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in altair-async-jabbah-radioastronomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 164dc0d18e8436c9b9b2d28e91de04e69468ba9603a30d5512837f595892c8d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188813 Malicious code in prettier-stylelint-zenobia-loop-paleomagnetism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcef3a94c77587648874ca5cc0a096f2a5a9a9c7b55cd912545c46394ed299ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190408 Malicious code in xo-mini-css-extract-plugin-vega-koa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 341b0fee093a5bc333b9bc719cccccc3a0a2761c15e4f1ae597b33f4a6d534dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in loglevel-event-resonance-umbriel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7eec21520de8ed6c0a4d6cca52c2046b026e45372eab13e437e1cd2d38c4f32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in void-kernel-integer-visualize-string (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b5f05e0ec952f376e136b94d492a8ee7e1a22454eba6b8a4cc89d33a5dba142 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mdx-resonance-cryonics-geochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7acea75af333e29d6693c967fecafdc79642a14bdd49af2ec3e0b2428ba053fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in subscription-playwright-public-carina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 701a8a346bf74a50513bb9a55b5b268f778f18a886f3f088e3fa641fb990991a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188744 Malicious code in playwright-quasar-tachyon-thuban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e1811086e60f8c2705e4749e9f39094f5019189effbebfe1ef6a7c767217da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in antares-airbnb-cryonics-ionosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f462ff51cb6b5bf930c6332a8c3f2689d11ec2a616d8e008a83cd2b2d4dd667c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biomimicry-decoherence-paleomagnetism-despina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a81fc4c93a8ba3ae314ab90c18d782c9b0358062bef26f37667009c6f91eca36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hot-float-moon-unix-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbc7cfe0783332584e55e88a0d036771aba6155e5b13fad52b4a4dbaf2311663 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geodynamo-radiant-slides-bioinformatics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 803477616d2db87dbf10021a7d12ebbb625a2f2e245778328bd791fbc371b248 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cosmiconfig-fermiparadox-parsec-forever (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09f948165719318c18a9effd583b6ae532e7c7164c847038d344101a3d955ded This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...