MAL-2025-186315 Malicious code in coronalmassejection-terser-zooarchaeology-telesto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f17a3906bd4a11e984c0df47d8cc68a8a7f61cd950e0a6de37029a1ce951b7f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186621 Malicious code in dotenv-safe-jovian-astroinformatics-ablation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86a312ee1d39ce12596c3d43387bd9eead6fec93b1060c13fe52416868153972 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187442 Malicious code in impulse-dependencies-spinner-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b1c5ba732a67d3f66094e9fb848726d7544d82bb0de3c82c8ad2e54e6932cea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186379 Malicious code in cross-env-cross-env-photon-superposition (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb2fb8727e1f7724d5accad4dc8d450ac3e5735b535600cb2fee7ed81e14ac8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in poliaoz-aiksdfo-alfdaasduggsdion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b53eef561f1b516428d1b7e17aecbde9bdb410de0bef3d46d1c4a294460a2417 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183953 Malicious code in mitalukaik-don-olikaisima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a1bb1575c05ba45d3ab0120c02fe6160ede0ec477a345845931e94311640fba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sonic-kos-fusfog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df3526d8756b30184a19ff6014ac0972fcba170d20b7268869505b7e1ffa4372 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mahnu-noy-gtogapo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3693dda8ac96299c2c24e25646fe9ebcce5e73cad9ced5cda6f576e6dfcccdf8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-182047 Malicious code in flights-lutuiog-aloina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b5e6182848eac541f35b5b51fb86c941b024428aba1ca8006590f0f06c6670f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in astam-ifut-dakaioba (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45b5573713b25e7e3c4a743c81ef1024c0720a5612a8bf4cdac1b5e14ab8d857 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avangi-ogolia-inualubami (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4e2e44e7f5cfbee56d522da08697fade27491250de94613f8f6bdc9625e4829 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in avangs-olioms-nolifa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38129b92b47d1182a150a30815ddc2718a422109c2fd06bc89dbee6efbd3b06e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in flights-ilutg-iduihsa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f65d51f5974d7645eacbf7740216e63d4aa8be3e79248f9234f3ff046b024ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gocay-gua-visagoigojfahi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3287b48b3f6ab20225cca321e3550b6557debb010f0cfcd053229d27c82db867 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in imodiov-omfi-cafacevavisvoetfamolca (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 974a2bf8078dd88cbfb8496740c39bae19234f8bf10f0192a67dae04ce36d586 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in itale-adci-ggmatondnggangru (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70b7c3bd65e3cd649ae60800ae0002f713a8f749539326c582b2f589693530d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in item-ati-zpojozakika (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b40fc5a5df47ac2954be50096c8936748333a57074a3243d699837e3c234fc11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kisut-difg-di (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8d9c4fe2fe97b06f2a5db316756894e3154875621d6e771c227f988b9d4ca95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lomi-ifush-ugof (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 310f369ea5aa04ea5e29b3c117b109d835e0ebd81928d10619c294f2eeddde50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in manu-oi-gisiavasgugo1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81abc8ae624a6a0d1895a317450b62721dc097952e3d535f6b1ab1936ef8ce06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...