MAL-2025-165831 Malicious code in shilang-poke15 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea2b913a7f81c48974b1aa9075d8fc1a34d8a23b3a6d94102d9fc3a83117f1f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-153569 Malicious code in avomainah-frauhu-fada (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 283b40ea80b2ff4e7ead8d13cbd36fc77634600748a3e80cab6022c849bd8ec9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-159216 Malicious code in makan-aiuga-ufahfayo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 837423ba641cf44dc629e8615f043e82a829b7c263813f8d905da8ddd4cece8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-163850 Malicious code in nudla-ofogi-agua (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbde3deb769de68c85daf53f6a7f3130e27199de0549c19fa23b83af4d654f78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-152621 Malicious code in analsia-akifai-asuia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a1d6e95272ba7705bad246aaa0f7e3d4551e7da6b3cc486eb0618d18957c43c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-150853 Malicious code in @miptaa02/mura (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a5150ddae4a6b14b717f2ee16b2fa91dbed884418607fba17996bdeb3eb5be7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-151236 Malicious code in abiba-alufuai-ayuvaba (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc4847de8aed923fdeb6fef3fb42d939bc57ebc34feea3868e15adc1e68981f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-152150 Malicious code in akabia-aliguaafi-av (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb14b0b955ed32fd9fca05661b2927fd0a8413fcc41351ca2183447f92789f92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-169768 Malicious code in uinsnu-lotipmi-kilar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a30f7d6a707225d2d4cf16480756229989444b5523d9e538d2dc29f259ef969d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-155329 Malicious code in goodmanmax9250-calm-think (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 829085675098119c01dc98a5adfe838bd320dfa8345952fea980bdf7dbb8008b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-161866 Malicious code in namase-namuda-baukmwmek (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0584ae57512433fc611c1b26165c4c076d594c25ad97f8e011bee771e03fa31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-170335 Malicious code in verify-aya-auioaial (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e78a1096680d8a536dc5021b61cb1c3eb3b460ea7de669afeb4ec3337ce8e242 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-160447 Malicious code in milraoa-miffojpa-muiop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb63ba331021b08d0cc08dda412b1954375d563b05ea4f9e03e12b92c0427213 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142430 Malicious code in favourite-coffee-stork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b9ca0e2b4bc589d1779f36ab439cb7a963d9e4ffdccc1e2402235e183ddd9f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-flare-css-loader-pipe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 691bda64b8884a4f1061ba8baa4801188477d843430b4571326d701603b5b08c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yakutsk-wasat-astro-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b08c20be557c34929f5df6c7e5cfcceb8b208ffe3d9dfaaf04557cee7aae0a1d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dagda-callisto-dagda-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc82ec03ffd02c6d92be3630990e05d6201d5309e55677a59e7817f7299c2815 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dactyl-native-superagent-nextjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9399d903b38766a58790ac43991a2e3704dcf083ce309f85ffdf08a9046286c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cygnus-heka-mensa-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42240a0951e6d568b6eb3c3c4ad953f7fbbfc1af556e22fa93ff5531099adbc5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in winston-gatsby-zenobia-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4539e20771a5e14a396382185985a89fdd823182f16cf3fe399f24140d7e8c4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...