MAL-2025-139122 Malicious code in yappy-silver-warbler (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3933638eeabf1e792992df13a3baa51c013cad85914ff892b6f37087e5065db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-138894 Malicious code in net-salmon-stingray (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8637a889054a27d0cc482fc3fd9e5d4d6630328fb24a5ec669a7994033f221b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tart-rose-crow (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 359d4a973890a901b9cf2a2f53d22c42f39e5d00db20fa610c5d9f7c32ced517 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mutual-tomato-impala (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf2462fd88d4f1162ad5132b0522ddf2ef308fc517f82d6c57d133033fe46983 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in specific-harlequin-guan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7a8c570f0355b8e840e96d244c36e23baa6e548a9df27cb96b73cc2756c8d9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eager-maroon-sturgeon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7a1982979ddc936cbd99a251a684b4680881a06ad90f821d1ab7caef576ed2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in confident-tomato-urial (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee4ee12bc8df657031eda91ae45e9079c6d6bf6ddfffe84d7fedf523215f6281 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in immense-olive-octopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02656cceb4e7ac01cccd5f7f32289d5e16a49c1b8bc908aaa45b22a06f90fc0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in graceful-olive-panda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 881decd5f2d5a8e3639665520cca8495ff5fd66a9d7e634181d480ff32a518b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in profound-lime-mammal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae0d28d281a9dc4692e1bdb96d4103417a6ceb67e8993b2e375b2971cd44cfe1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-138897 Malicious code in nezzyz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f9a1ef9d9917a11a72dd9a08d959bbb0d0afd0e435ad0cefcf15631848696f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139051 Malicious code in subsequent-fuchsia-mongoose (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d8f9369979eec35981daf24211fc2631aad510a816df0f80b5d3075e7077fd9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-138686 Malicious code in electronic-indigo-fish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2314fd521ac8a50f510a66895297537a7f4a54a01b3766cf686a03b4bb10e31d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-138771 Malicious code in helpful-indigo-goose (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 073b7059a8d0026ccd0785079c933b238dfee08450669c873740d576b04c2a34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-138591 Malicious code in available-pink-hare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e82c53a08ceb07cc6658c93d6ca369aef45a2d9d415128867630a8c4eeeae79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-132469 Malicious code in cindy-enting17-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d5d6f990496b6986151bd837cd11f0de4e94478ac9fc606c0bc3aaabee35faa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-137909 Malicious code in wati-klipo20-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 331596c998254826e008776c212755966e3072e89c1a3205a70f97f34460996f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-135257 Malicious code in lisa-serabi63-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40af467331e1c83662167be59f967295c8d873a50bef16bfc00682c6aa3f67d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-135992 Malicious code in ogi-kembang27-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67c12a12b99aa44d0638eb6f4cd234f6a5d89dd95e5a21696fecb916ad360130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-135192 Malicious code in lina-rangginang48-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e063867ab52b050b4ec004483eeef50bbcde941fadfad7d59e9e56c63e36c5f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...