Malicious code in flare-ignite-graphql-eridanus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b3ee76870be82d97f3eb5d63d5d9fc0339e9009a28b02be76c1b4a0f44944d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rho-mu-catch-double-cloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce2ad1e3def43f350a2696c66f918e07254dd687bc10518a3202abe7539570a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in node-optimize-table-alpha-final (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24f260e0fad0e2b704b1d9ca6562b1bf2b8263f6a59ef27a984a33fb7e91cb2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in draco-less-polaris-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b93ef4506fd0232368daadc9c2eef184cd5f9630d08eeeeeb9b7319cd4119fd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleoclimatology-draco-backend-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdaa0bdc30656057f5e04b2da3574851ff0ee47c443373d7c23e7650c44b40a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in atlas-miranda-jabbah-oberon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f020f94c5fdb02b7fc5f82277e35e39660c2c8769968ee2d2469e3286f8e237 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in websockets-thuban-antares-yakutsk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65019be03a37451ba468ab0bec426af96f0ebcac58d786c0822fa0a5077acfd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in prompts-radiometric-passport-geoarchaeology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0758b16dca5d6cced10fe96195a7c2306a87710fa84a7e5173a33d16b608468 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nextjs-shelljs-centaurus-singularity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c55363b3a5905f100f53657d0b726caa73dfb097b64c18ebd0409751dc343854 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in got-lynx-greatfilter-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfb1e5ae3602ba1d907e123d07c8bb75e62724ff1d8078775eb901682291c03f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in electron-nconf-callisto-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc90748ea64a281a778df79da5f5d78d8439ba2ac5dd54761b15734e56d7aac7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stratigraphy-archaeogenetics-pino-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c8b8215edc8d75314fd70706553211c18d60e357ddd2ba33d98c9aebc7bfc32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185714 Malicious code in axios-mineralogy-pyxis-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 363a084cb89546d1716a8e50fc4400ad1e5f3cd26c06fea728164d97c956c8b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190311 Malicious code in wezen-halley-less-io (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87bcce6580c517f2e33e3a86f226fb4787f5a8348a800d827a98bff9f31c715a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186954 Malicious code in fermiparadox-helios-pyxis-astrometry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c4110ce456b0d3ee05ab386cd882d362726708a69daec5cde442abef8ce9a9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187682 Malicious code in key-kernel-transpile-test-yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a52a484d28ce1ebc6b67317bba20eae6af92f4599233593aaa92ff14e137a0f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188322 Malicious code in node-sass-nuxtjs-octans-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15489028a7c893c81b5652d7e2f95d596441e527e1ae371106f50eccccd6388e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189682 Malicious code in stream-build-ganymede-corvus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24b83fb6af139dbb9bbd46a83057ddae76e5bac4e17b4d50dc4543a894b03951 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188064 Malicious code in miranda-biotechnology-xanadu-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 252ea35406402f4bad38396317c238088ec6afcbe8e5aa922bda36ae0b271afd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189232 Malicious code in rho-mu-catch-double-cloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce2ad1e3def43f350a2696c66f918e07254dd687bc10518a3202abe7539570a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...