Malicious code in async-registry-build-xml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b787b4cc82b7e9203080fa1cbb0dfde6a06a8c55417491aea92d72ed9a1f97d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in blitz-nuxtjs-cosmicray-paleoceanography (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e4cd9862b70a1a45035e499259dbaaddd1fe11073d087794c76495eca9f7215 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in taurus-request-hyperion-subduction (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 805221cf5a62588c1c2a9e61e0875d0fc1e09945259c7a29162ba921752675b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185450 Malicious code in analyze-catch-load-nu-omicron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ca47135bf85c2da7bce49e90cf34cd26d4a117d13a0348e3b07e6971308d220 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189595 Malicious code in spawn-exec-zenobia-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08d195fec77b588ee50726619249d1d77aacd06b4a03966370f3dee0c6edc02d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188738 Malicious code in planetology-sociobiology-spawn-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e157db7c0e004f3948a95876c03456347236d1cffacb7a03e4f712011774422 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188780 Malicious code in postcss-loader-hapi-publish-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f30a4b6ed232f3a0f88e9b315c00447a3e16a47c406a885a51e8efb67a3253d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188474 Malicious code in orchestrate-process-cache-data-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7471b0298fc61ae4c462894f9c3877691c475883df2c72ebf084c57d16654a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188916 Malicious code in proxima-nightmare-postgres-seismology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dddb55344319b54c55a9c4fc70b867ff693278f587db1ce1fafcb3b61df7e51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in prettier-stylelint-astrobiology-loopback-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6defb2c5feb096989f260b8521f3669e9671736f838b9e562297550bbb18bb7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chai-prompts-auth0-geckodriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad324c4ea61642de7103f9b9dd8dbcd82c0039694bf830c253f7ff3fe81db1ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cache-xml-stub-fire-nu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a2eb0e7fa0e94ac62c34a36f3df12ad663540f26fd5d5989d0e3c8dbfffc90b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in user-refactor-cluster-transpile-eta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f18892cb120efd30e52630d809cf1105bfccbab7aaa211fe691e458990281176 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in configstore-centaurus-writable-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b4d2836adf3fb394b565c00ce08f4b87b9bb6ed7d0f8a9228fcd46d24a9735d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in carpo-hermes-firebase-nightmare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55a433a9de6a1f098e23e247b2bfaec929b7597a4f3db6f1ea78cb0d9eaeb64b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in child-process-concurrently-chakra-ui-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66acf8a52ab5f47e31e87daa88e9ccc679f3580c46543cd05ee50741b3f97448 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in speleology-ganymede-halley-panspermia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09a4e204a906cdfd8a5558d263c05149b2236580f35ac76afc37f33536655421 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hexo-commitlint-config-angular-nuxtjs-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa04a244c2369734edc8b55f4a7af30007d71d3275a23f60c9548644507fb197 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in oscillation-leda-warp-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4034a7c18a9c9766f734ef16d4eadac9e3d3574d8910068cacc02e37e741318 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in secure-phi-web-yaml-socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24bb7f54cd938265baf2a3052d77d5384cef40e78cb6cb96648925c983d7f010 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...