6 matches found
MAL-2025-187920 Malicious code in mantle-mini-css-extract-plugin-singularitarianism-areology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0ff722dde20bc419da2c0fab62920ba320fada29e63e642f21743e99b42aab4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148312 Malicious code in stream-chalk-elara-node-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42e8742ef7707e771c8ceaf7750f9e26d84d6f5e2fa92e9bf32fdaa0178bef63 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in aggregate_gazelle_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0a264d926bba08b5f0ea17b311715367adf03a2f80477cfebb5c621afc5b207 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-110193 Malicious code in unwilling_leopard_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae4cf8fe9403761d7cc430029cd05ed0f99408f84f3954ab93a0b15ad9f4af60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in passive_flyingfish_0xrequest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 871e92340778f7e8657f147a7f380b9a6273e77a3834eed49d21c29c6a0ba4e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ade-mieaceh36-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7aa93c99f961b43f8170797cd493f850fd551f30fb1741e2e10c167fa6027df1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...