MAL-2025-71340 Malicious code in unusual-coral-tyrannosaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1acade8225a1059f0339a9b5e33795261cb49cdc30f454f3d783fe782bde1f86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-68944 Malicious code in intensive-aqua-skink (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3aa9acaa84379b4e13cf0f109d1647599e1ee3152114f9734b47c2e4f8544e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-66797 Malicious code in anxious-amber-newt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e86b14680c7e4eadcffdd639dc9bc37261ab04224871f8584409c100a8c6055 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-68604 Malicious code in growing-fuchsia-boa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 377551a11b126fd94603b6ba134b3eb8673a0c9eff870a3e1cc0a4cc30d3b75d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-67748 Malicious code in devoted-beige-gayal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab1f32603b4edd0f5946aced3e79dec68eb332ce839079f1eb7fbc26df4ff72b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in artistic-white-vole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eea4ced7703f865b0cc4ad0aa33918b148fa3afc826ce44012ef3a8bfa0e29bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-68975 Malicious code in intimate-magenta-crawdad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae17079b44effc32e36432a0db0d0c98d21ae6aa32985e55d5dc62d22a807b67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fine-black-silkworm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 541a49d5a6fb5037346092fd2142d4dbbb66fb9769192f8beaf0dbe38bf45763 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in electrical-copper-stork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1354ad7deb27115bf8a28b709b1627ce48fd9b58db160f5f97552d7993d1ca71 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in exotic-jade-bison (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fc326f863ae1b00cdec8fd7a9a02ca242c7798579274c0140ddd89e9c2ef420 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in arbitrary-apricot-tiglon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbbfa978e228cbef1cea3b0e9dbab1cf04eb98a63d54d4daeb22794fc55b6441 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in drab-coffee-reindeer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c674f44a135155431ffd530897dde2c6893f3c4ecd3990bfa291a52dff557e10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-71136 Malicious code in tight-copper-crayfish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2c4b63883ccb709694df00325e9d5182362c77e2eca8efbc0dd2ddc84e32ea0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-65797 Malicious code in uncomfortable_tortoise_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 123c142f1e9fab55ab1f5ddde781e0bb8d29b4808c4be845d1c3d8661cbdf649 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-65966 Malicious code in vida-mieayam6-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6698d2f3b375902f811caaa6a5188fc6b26f3315b190e47b3d628fc750b6d68 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cindy-gudeg4-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83797ad5a8dd6f6b02256f9cece2cde52105a6369f81fe8d9294690710aab2ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in budi-papeda47-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ece4109858fd10dabecee84e8198cb71642ad3e30a9b011a05a48ebd03d8cb3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in candra-mie79-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63f9caf0f9edba79b9c48630fe20a2b158eba256446ae74dbeb6e2c369727c60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cici-empal38-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39ce87b10c7dcae8114735907d5d03742dc7a1c92f9c326e07d03c36123452ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cindy-kemplang67-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95e989a46df1c8091d5d8029319d5e6a51838b0045db50985f912658daef9137 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...