Malicious code in impulse-holography-grunt-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9c28c8183009a08a11188523afcf95bf4a90b317d6e72e29db3fb3800beef2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleoceanography-sedna-axios-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 417a4d25dc5489d82b9a2aaefcffbab73253602a3712853452dca2b81765fd6c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postgres-asteroid-readable-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fde9ee609c1893f744ce44f7e17918ae0bb056420c1a91a06cf22239e5736047 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meteor-deneb-phoebe-paleoanthropology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e503587813565ccf9b93395be34e61ce05fd7b6a71e5c4f6f1bc95a90b27696 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ganymede-publish-development-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 978c79b7d18ea06f986d6e2fb7985646d5a51af15f00263077e92558383d6c22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in octans-cybernetics-carpo-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21ccceeb81b50f8697417fb024032614df089a3bf9fcca910299ef4ed8c3a23b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zero-daemon-small-fire-pi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0a0456658b09d6abae40aec0e7b3864570435f2c3bc449f3470354d85bff0d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in proxima-uglify-js-biomimicry-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6085fc2c81e721b45c04ee516ad7a516391cda5a680b8a0f5a453e4d561b21c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zenobia-terser-chromedriver-paleoclimatology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94f6befabd5e1c3a45c07315f720e6099a8015a0b8720eb8aa31782ee0070b8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in socket-link-resolve-try-encrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d67a55af083d921f7f9ac00c877bed240fa3eaa206ab2eba52367102c6bcf86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenobiology-technocracy-dotenv-safe-brane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38f1940ec494c0d4680f56338f595cc22c7b88792f2adf2e663d5b3246e54920 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dotenv-hexo-apollo-cryonics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199267a35ed5937ef5f63c6920324dae39fe64bc54a1dd7c5dc19a3157ede4a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in alphard-prettier-fusion-astrochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cdbf702618f9831762b72c2b15b60c2ed1cdb17d1767805c33c8e8bba0928be4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sirius-blaze-decoherence-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 427f85ee442cab5b3fd834d9f775473723d0b56356c21312d5a60d97a43278c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in graviton-greatfilter-crust-quantum-computing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0ed0b33f4c0ecef0f2595c287e16b232bac42416d16b964853dc0c9da5af2f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xerxes-coronalmassejection-flare-filament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eba865e2a9d624b3c624e257f0dd29415c690c76db7f860ba2d9d5944ad28be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in flare-commitlint-hydra-astro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51e15093f898681067658fdbfcee562bc41426c8b5067bf87e0a42fefce8815f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cz-conventional-changelog-heliophysics-carpo-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87b43b39469f3044ffca305f0206cc9adcde03611a0fd8cf39b08d0230171522 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in parsec-pulsar-areology-airbnb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e83728336db821db8e3edfea191f300647358c704dd0e05a3ef3a4999fadefbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188983 Malicious code in puppeteer-prettier-stylelint-cluster-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector edfccd5cbec553bf6d263e710fcbad1bfc8232a17e489b57cea10c4d4c137775 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...