Malicious code in compress-async-rho-boolean-assert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b47a72962d3c729d5d4253ec9d28d30df0480c577add110900f74126b32e3a6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meteor-command-warp-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8178667f4cc481bfbb71a61023a72f4c670447ad57a44be40c3aab68de2cac2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-webpack-plugin-nucleosynthesis-hadron-taurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9369464ddb44df2eb49a987731c6b712db57570302fd3f325530a2afb053126 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in juno-pyxis-barnard-perturbation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03ba7667bb839b545547f830a7cd64064ebb2ed6a65582c2229a5f9a02be6dcb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in oberon-geochronology-yakutsk-neuromorphic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb3db91f52b9d0f558875d7af6fd1852b71e2ca085a84a3956c3fcefdf06c5fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ora-process-config-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58331212cc0f05b5a88802d3bc412dea4831f6640dc60ac64b50a9c4de0a2432 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in darkmatter-build-kuiperbelt-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93483a80d5db917b2f3fe12b078b1cee95149534d194f3f15649c715de1c34e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in miranda-borealis-nova-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91dfceb96c2bb4d76d95411a0920184fcb12cc9d7aa77518302845bae0a3e6a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cressida-vortex-lint-staged-blueshift (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d541b72f12f4ff134a895458ff7ace3372090c5a8033ba0c1df81b2f95297a48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gammarayburst-venus-tectonophysics-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4109786a6043bf4c8d88fb2455c72847a0962f9e4f4dd5b8e4ccf91dd9984405 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biohacking-hexo-nebula-non-blocking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 799bd86e632988c28863335fcedc47e5fe32a6ec91385c1a1eb92d971ee62381 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dysonswarm-gulp-dendrochronology-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df2900cd899be02f8b927b3a22067e8f4e1e87d3b8ee57a7ad44205167f4a2bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in easy-interpret-big-proxy-scale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27e1a4cafec6bf1cf5e6e657300eb2f4ec854809b9008a485341088d0b0bc51c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in promise-impulse-levels-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9759c470ef837c2329d4464aaa2de5105c8c732fe16a30f4b5456be003fc6f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dotenv-safe-norma-vuetify-paleomagnetism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccad51f031eaa94c4ba5ee1a9ff854e2f73daacdc4dd9892bd11978d178526b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tree-psi-air-moon-air (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83074f704eb4e4519a481ac7f001147d60931915820fa8b068b512c76f180ed4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geoarchaeology-oberon-proteomics-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4457df8bb683c248eb0726675b92eb63a0c31125a2f8c3dbdee0b1dae031dcfb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in antd-style-loader-miranda-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd3f4f91bb59bd776abbd17036b4b81e568e06959ffa1d211ed85c33a064cedf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185852 Malicious code in blaze-farout-module-transport (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4192d7aeef77906c60bb34e7bc30349a3cf23117c8fc3d3afb6d6a2a96bae8d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187302 Malicious code in heka-buffer-holography-subduction (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05d43fa721efe3264cc084cffea7aa55b2acc8a7e66e03ccdccfd836abdd2771 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...