MAL-2025-161330 Malicious code in nabuf-ogauof-doofafsi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26f9b83a2eb1dd67b7168897e08a8241b9bd03045b4e68791a22523c1345352b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aquarius-markdownlint-shelljs-arcturus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35764f15ad355e02733a1c29e0e640aed8a010c4274d58ef2813ecac48f040c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in callback-centauri-enif-zephyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99a679174385d73c39620a1a37cbb39b69e452416d7479c489f935ba04496cef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in scorpius-umbra-electron-builder-elektra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 862a2349ffda24c475fb6b50662ed3b2a243d7c9031ce530c284e46c5f71a68a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140674 Malicious code in changelog-markdown-pdf-rocket-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3727a07d660807935d10820e328470b6bebdbec4098c36a571a58b6eb4fded92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in babel-react-bootstrap-cache-rate-limiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f07bcd268303bb5427b2d483a7bc87f4715738e050d7414c8569c27ef5e1245c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139458 Malicious code in antd-izar-dorado-gacrux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f0060bfab0cc5992ea1beb99b8b2dbc5251d85393d715a642e6c2e3eb188c60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145691 Malicious code in npm-standard-sagitta-nconf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30e41ca778897239c3e5cf27fd5df06531d908fac9d45d23d17e3169fcf0ca97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149304 Malicious code in wasat-vuepress-quantum-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d54baa5ade6015fb6c9054123ae3a3e98a0e3155acfa1feb4ea656bd3a588600 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in prospective-olive-hawk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6e41a01d75aabd881d51182d2d1dd366ffa745cccd7eb2e7ad42a4f8efe19d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in siska-klentik91-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc3ba5191e7fb71dc5d5a421619990d70aa1f072340bc4344a51c8a3cb0d187d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-134270 Malicious code in inappropriate_yak_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8345cde6cd654f10d4f3ed9d81f06204174699043e4921368007c0a1df624a5a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-133048 Malicious code in eko-moci96-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8a7aa727e721bc19c819eef2cd2f7d8a823c4c07f9af479847edd3dca28cade This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-137648 Malicious code in utomo-mangga78-sumpek (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91a0aa3bcdbcf0fdb6a7bf57c5825e8b78852447bd95b31dcd69bf82a5c5b315 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in patria-peyek39-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f871a90c97f60a017c628a57f728816b64e5898cbb3870abb01e0f1511fcdecc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gita-gandul43-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36933262fc74a2c94788f06b83429aa91c947d1263290b4c7d3b021438d85867 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-136581 Malicious code in riana-kentang2-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c98808f73c5a77c0b4deb07aec45c336b269a3653dca39bbc6667c30f700a91e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-134534 Malicious code in jaja-kacang22-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eaa3430a55d3c5f027fe863c5159a523ab5062fd52e434241c01a36d95be29cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-137372 Malicious code in tomi-miebogor10-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7190bf14f14434f001029558e9016e0f29c2399faab69ce37fc3e7bfc30d6288 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-135911 Malicious code in nurul-telurtahu32-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04a0f5bd8454128794efe7db13dcc2312a450279c8cd61de34ef68bb93f61c9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...