Malicious code in solana-web3-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af1a2f1a7c7e3bddb9c8d2fcb8a4c86a6755763c94b95b1eddb81f382318c432 Malicious typosquat impersonating the legitimate Solana Python SDK solana / solana-py and the JS @solana/web3.js. The package ships no SDK...

Malicious code in iota-aether-hawkingradiation-augmentedreality (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e0a7a9c4b6adbb29d416747efaefe914079d8722fce2307a0b32e37ccc5eb06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in weywot-resolvers-vuepress-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bdb11770ab86d295bfb45a4a377949b744a249875509122d45dee4c8f543e66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in koa-prettier-stylelint-link-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3769d4b81521e90ec08b25681b58a9566408041fe26a44b7c1d5efaf56ff4c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189152 Malicious code in relay-dagda-sync-graviton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70e2fa9140c056d951512eeda4b917c4d77a95617f974d632aeae2f8e5465c86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189412 Malicious code in sedna-jest-init-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25e29146ae9ff359dd96b1cd1b095636278686695d62974a2d5867e6a74edcff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189690 Malicious code in string-avior-heliophysics-tachyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f7ef6f68451c5fa51ac41295643a67cb2a6c0437ba9c76305c143de6da7c1d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185424 Malicious code in aldebaran-thuban-gacrux-apex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89edf3df3532bb49c2c76748f619d106892eaa539e1416145739aa8a307a1f0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189770 Malicious code in supernova-webdriver-mocha-centauri-vega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2f0154b6bd89e8afefb374086dc7216cbbabd0a804186d702613d53503d4fdc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187704 Malicious code in kronos-buffer-titan-zephyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 792938793257953f6b2ebb196fc67715e7747e88d7f1d9dd52ccf05b0acb5b6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187700 Malicious code in koa-higgs-jasmine-wezen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a94744e4363382314160fd2c7e5b498755be2a10ae9e8fa7b684813a28d90a46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187887 Malicious code in lynx-supervisor-relay-loop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a26f63e49cfb5c2e768202d61487c55e9c1f08c139bc67fda8a39c99da2c5ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stratosphere-spectron-webdriver-deimos-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f856118b60305c931ff0be82652330587068fcd0b791ec496187dd214c7cf5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meissa-steganography-helmet-yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 063f1e0ad2c70958a4aef76f30c704044b1b584c2eeb5dccc001e746c7509ade This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189715 Malicious code in sublimation-archaeoastronomy-browserify-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba32b52b1e4bbb964b6534537b4d98d51c9e74683dea1516424471f869c0e5bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186938 Malicious code in farout-enceladus-magellan-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f03292d746272f6367ea408c0c0087fee9c3da9085941219a55a63bf3705e7e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-webpack-plugin-mechatronics-rest-neptunology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d591555d92c42e4a868143c59d833b18854369f7c4865e3cce2a3fcf9bdfc6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in resolvers-chakra-ui-bootstrap-ursa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d79ea6a0ddcc32a8eefe901fe9fac78119e8f7ef1b653b5f8b55b441099df42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in neptune-ini-apex-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37b63ab4631ab55ea26f71c7b50ce32dc848123780edb2d0f6b35e671c557b81 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186626 Malicious code in dotenv-safe-sedimentology-wolf-singularity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a7735c92427f6151353c4da7ddb0c7da56e021f0ab2b4758b33e8044419c473 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...