Malicious code in hercules-css-minimizer-webpack-plugin-cz-conventional-changelog-dorado (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d95fd0ce23afe24eb49a8592e43e5bfafbff1956c11ddcde2f1b53762931d47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in elektra-xml-grus-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c8f6f9bbaf6c31fa6c66d4f459eaf167a741ccc0e66e0a22a5941bd34df4e5a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gociay-uinga-uugaucfu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eefda5b5e3085109b39b341e1c479fa58c4b6a0920e488bfa15694b822e00074 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in abdulll-putri-tea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79d45d859145ae92765f6fe76ce2c2f031e16725ce240045be4fcb33dd7d8653 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146938 Malicious code in quark-sirius-fornax-odin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6e66b6d4c4a782bd1811563df45256c74e75c5d248ade83ce2ab284396724d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wawan-lutis31-sumpek (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 092e05c0e6631478ca62a3ca295cb04586406ed5746b8a14959a2ba10734eee9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in utomo-mangut20-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 036df95bb3ce7a062dccdd06c8dd61a311a2325ecd498696495e2e3d572e8919 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in grim_marmot_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78c39f17c4ffba91dc662d605cc01494786530b52abdb8d2c511ee2767bdffd3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in patria-pisang76-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5dbbe7921909c12c8eeddf20ce40841591b371fe04cf7f211502251997c10fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-66962 Malicious code in big-lime-panther (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6478b513192b4378199d37eb9c89f7aa78ba9a0888874402b0e0805b4064c753 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in umi-ikan77-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8abad002f56566be60a8a302cc521e1387f1bc3763eb60785b4abdc4701194d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...