Malicious code in prettier-plugin-markdown-lint-jest-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4732bbd796f8b60aa6eaaab2fad1af9c69bb1acc6c805e0ccc202d281754d20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in load-fire-balance-try-old (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ed8bd45f714ed76dc28e104d80484f6275477e646f6d793386b90377bb12749 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wezen-mutation-ora-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 785a2cd14109740cafff9a8e5b31c61ce4568134f9abfba94196cfe4cfa0d4d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rate-limiter-technosignature-genomics-cypress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fed67de1e41887e575922c3c48b91c73df86c4b80ecf87513eab3bc52ed123a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supernova-astrophysics-jekyll-webdriver-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c46b2195c3e0992cb15bb7cbbf584a0b5e48b2b1dde2a44f4956181f8ca2dee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in command-react-bootstrap-neuromorphic-magellan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 534a61a35756e1f7ff0d122533cba28a8dd16c76c34405da0657bbd6de091be2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in monitor-data-uglify-compress-book (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4fc316f02dce0d561bf90ab32d3702a34a86ddd60eb81d8893367f9b0125e9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nova-sagitta-pegasus-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ba21826bf8441b5f8669b89056183151cc9cc9795e5a3f9d08c1ba1adc2ff4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in exoplanetology-grus-mdx-comet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ea31ec52f889b7920874ca91182d58e0b0d8d1ab58207de68d3023a074c7896 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in polaris-interferometry-sails-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7c5081fdf4d0f7619a6a230546bbed5fa605459a20f2fa63ad703371acc7140 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleontology-luminescence-less-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e35af19331d041979605aa5f1ebb2526dca47615c002ab578283d3243b83057b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dotenv-parse-variables-public-cosmiconfig-zenobia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9e2cf5e995e7be6217368c91ec8ecf853022838cc7a763cbcc73d49e0c23b00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in awk-sun-deploy-key-omega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 269eb7a813c15992670144ef18f9ce3cea7e0df757009a82a2b25dff93f3dd4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenon-apex-ultra-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d255eba690342099284d8bf8a8103b1b72404c253a39810bbe3abd1882f8030 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in container-encrypt-kappa-virtualize-old (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f797b4a9f89f991872b9512b2adfc5ff57180b4e3a26fdb86bc508e15a96a1b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in electron-builder-csv-npm-asteroid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf1c41f7b478def4f98d67c744bd71324c06f401c2371977bcbd2022b1877a53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185675 Malicious code in authorize-interface-good-xi-sanitize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d85a36709ba2fdf12ccdbbb3a62be3d509127dd2bf12f9547d0c46a7016f02d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189987 Malicious code in transport-semantic-release-cressida-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ad2ed4999afb8ac268ab70d6a37553264610fe139c6861aa22966b3183792fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in request-planetology-lynx-taphonomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99fae2a834303dc8838a8122b4966ad88db8a5647a67dc7fa47bbb5dca54db5c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mineralogy-less-loader-dagda-global (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41fbc434baab71cebe5e906d04c5ff50a207494effd4d14116cd4d21e7df57ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...