Malicious code in astro-photon-publish-blazar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfb6468812cdca3cbb6f3ebfbf8ac1b3a003fa7818d9ca76518f64c943efdf09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in framework-writable-dotenv-parse-variables-yonder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a47bd46b4ef5b2101952c40324d79249e25d9c3a1b697d350ff8724c4e24387 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in inquirer-quasar-polaris-aquarius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b2a0e0cba4ee0cc5cc0d94f2041860ea8aefd600a4acdbbd29641f201f2a0d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meissa-optimize-css-assets-webpack-plugin-express-lint-staged (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3eedff5af78c38d953cd8a24a97713690a208d01ffa5df7018314e5f3ba5667 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rimraf-quantum-csv-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9909070a68830c6d663c79812a272f46e552253bfb360b94ab3ec3234e687778 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supervisor-cosmicsilence-kardashevscale-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9573fa09b793a27dc60d132b1c9ae19d3c0b44531783b2302554c24bfa8ed91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tailwindcss-bunyan-spica-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ef7ca0b166720ff7a48b675cb46297e227e219b0c43a8ef775f03020ecc2363 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-dotenv-whitedwarf-decoherence (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5aaa9a0b578f1e3065838d076e1317f2e55e73fa4a622e040910b8fa3e0bf73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in authorize-code-bash-encrypt-abstract (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd5863c4c6b7c7c4948eaf1cdb4d635734791e194435e929c9dc3d24a822889e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ophiuchus-spectron-webdriver-sedna-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71fa83ca1c2d7a7aaa4d2de8c7a3e5b67b553a789c8feb8c2b2f77e620a77f73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleoceanography-shelljs-umbriel-galaxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2386202e5955957868e619896d6eb531b3f4a1f167c4964e7c4ce5d273871974 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-proxima-eris-restart (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4b692603a1c9f4a2d03676aef0261fab595983256dab9eb6bb8a15236a866ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in got-nightwatch-despina-react-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7336b107d179e0bff64553a286b8968070d2f42a5453b4c4ffc25c5a3be02ee7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-proxima-markdown-geckodriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b213acc5ca9f1760d64992f1e2015034abc38f9c8fa31f4bdd94974225fb7bcd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187203 Malicious code in got-paleoclimatology-nebula-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c594bf125d3e98c114785d243fe86ffa7d25834160d19bd9debc56f1fabc9f4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188714 Malicious code in pipe-auth0-barnard-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93b3b68d9a0c694ca31182e0583f4bf4ee987574a2c4a765974633b4f89dc72c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186628 Malicious code in dotenv-sedna-inflation-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a63ee5fbe8c7a17380d2b2176b6e0387bba7788e959c4eb1e36dfa779195d74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185659 Malicious code in australis-prosthetics-cygnus-xerxes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2c7f44f8a1fc4bee8f9c950dc48f3fe4c5d0ada66b921fdecb7432b24e85745 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189803 Malicious code in tailwindcss-bunyan-spica-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ef7ca0b166720ff7a48b675cb46297e227e219b0c43a8ef775f03020ecc2363 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185393 Malicious code in aether-procyon-charon-spectron-webdriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0043c2d601e5e737e24d450f0337f2b0fd8171c546edc58da69d61cc5eac5df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...