Malicious code in @antv/s2-vue (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Malicious code in tachyon-mesosphere-spinner-pm2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0199d4ad6da5ed57f1010cac95dc16558ece4d84ae6e6c6fb857dc52e6c6370 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in neptune-acamar-exobiology-achernar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52eb98f646911d61e3014c13b6acf805320bc752bda68d07adc39cea18b128b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in concurrently-grus-vuepress-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7074c66c67ba8954226ffe4caea4be815b7cbdb15439e2f2e1a589d8eab0e173 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in java-orchestrate-awk-process-virtualize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23029396724af0865eecdd010c3f17e6739fe0ce56c8d44b3531fbdeac934801 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in thread-daemon-try-omega-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1e433f4a84e6efa7b11638b10854c927218008bde39976e0df1922164229fc2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in docusaurus-mdx-ionosphere-fermiparadox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26631d15ade64fb563253b7b5ed0e60a649adbece8aa582a4b8871615e46b3fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in areology-polaris-gatsby-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b703fe4c7e4dcddf7c314d7abd66fa38950215c0f1ce19c252e7a5a8c1ca487 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in prettier-meteor-mineralogy-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7db2695a262bc6e69c6034c20bc2c7d9eff61f2b332c8b08bb2467def0f247e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in transhumanism-auriga-markdownlint-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94ca6b14f6e0c18b868134377c560103624d5e12334780667f4b5e1ff6661ca0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in helmet-supercluster-release-it-technosignature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c7a022452e3dc430840391ae69399409360dc46577b5416d489a22c8a8fdbe1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in development-playwright-stratosphere-parcel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71e0ceb6921987d11128b3d9468cfe3777ed868bbcb9f3c382500437fb7f12f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in native-rate-limiter-uninstall-regulus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f38f83b9375b1dbb5616eb88f859c2dc6f2ddb8d31a21fdcdf96be69a301dd89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hexo-phenomic-odin-element-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e24f316c2017efbe3858a178ba430fa5b15695ba388d42bc7350613d60c043be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fornax-janus-fusion-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b0fb880a3bfb6b4d32d650b9778f2bab22b66cda0b72f0639a80bccf3fcd8cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in apollo-areology-tardigrade-tailwindcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca645c1e73422a65c8b79fd047b60d4ad87534ee6dd87cc564d09d207e3ff405 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jwt-firebase-izar-gulp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fefa055bc041a85bb3553177d9546eb4d5599e738c2a450136a9abab5d66370a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dotenv-safe-pino-pretty-terser-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6e64067c125d9b3d36e5f8917125b76d88ebdb21d3b049d689376067d521878 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in subscription-jsonp-metabolomics-hawkingradiation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73b99ac4b6d1f2920c9cfeb64b32caaef526384c1277eb268f9495396666671b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ursa-process-query-metabolomics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d9eb276d7c42a3eb8d32f6a4fd0ec8a87d3a091523a686fbe495218f0f56f05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...