Malicious code in koa-rate-limiter-terser-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1be96c07650b670c76bd394a0fd674f3357b792a7afc500f19b9fefa6e8625b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in less-loader-pino-dotenv-safe-quark (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2af76f40a9ef37626c42f5c3ea2f4de40317e8fd209c2822c63c0123bdf79ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in markdown-pdf-pavo-lyra-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3da28957920f07798c64c5a38ab1c1290b06db95caf3906aed69d60c3458f329 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mongoose-colors-private-metalsmith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2016b08d398ea500476ae7f3915149632d7a439309de048e028ac5181209428f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in octans-blitz-meteor-non-blocking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a4371531f66e76c21381869af17ca3e23ae3771e2f22bc30ec2763d6dfe81e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pino-foundation-norma-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49315bb63638761a8dbd289a4cf8e22369803d71be237d59224742f28f2b071c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pyxis-parcel-redis-testcafe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc8737910321436372bca8d38f497a31fb2acee520e194687fb5c3232ad5fc9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quito-kronos-sails-mui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9e7f6c449585bbf20e538516ed1eaa838c922df2fa2da21a0f4b08d049d43e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rocket-node-sass-transport-buffer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 091155c6dabce4639e5daa79ad578fd54677999586db168e80ab5458d8580cec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in server-helios-pino-pretty-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 028d29159e5f9101d2b2a1a011bb106477bee002fd2bb59461e1830192383036 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sirius-optimize-css-assets-webpack-plugin-auth-loglevel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8382ca6a8e541e292bab6da68d987f95fc70200f8bf3bcd136415f68699d27d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in triton-taurus-callisto-yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc032180d0a076e255d77641301840aef565ca59487ea2c3a303c859bb6d74b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bulma-fornax-sails-supervisor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c14aa58fcbf60f8b44759f0f04708943f6dd17c17579a1d6a4a3db3178caf9c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in event-nightwatch-stop-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 344a8f3d8e3297fc8cc6ab9afcbfb139ccb0c4598a5bb32b378d352d81064bb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in winston-yildun-less-loader-dactyl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a69a769cca21c2b2a2a822e2da066c9daed6de27648e615f57d6c614b2376b8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-webpack-plugin-non-blocking-gemini-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c690b3a4a77471e0179fcf51a1162f00ed5621bc5863c4189f2d879b998ad165 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142029 Malicious code in enceladus-grunt-jabbah-elektra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 287cd32ffe0304dc3b78663929b5fb07c468c3593e8a043c53f160fac2438511 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148689 Malicious code in titan-oberon-restart-electron-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80f54b199c3e81770e49604610ad75bea2f44c7dac5b78f4cb3c6f6a4ce64a36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143040 Malicious code in gridsome-eslint-plugin-neptune-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f05892523376040a7b321ac3278985edf9c519d65ebcbe687651dddf10f1f85d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140998 Malicious code in commitlint-zenobia-run-script-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16404836c6f02879318bd5e43d055f2dac1eb55ecd652eff9934d63f3c3f7e6d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...