MAL-2025-101357 Malicious code in depressed_mouse-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e93661f6ab4a1d3f7ae647580f55c70dfd3edfb722a7fcdc042f5649174b492b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-99270 Malicious code in agricultural_gazelle-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd7a5278a04077d11b511c48b01bcde6072f3bf5e924957a00537be8e85f4151 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-100789 Malicious code in complicated_rhinoceros-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb0618af781330fd9f31ed5b65d43162bd09945b95335bdd144baca13234a011 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-102580 Malicious code in fashionable_salmon-toolteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74f113cfde4b4150ec3b35ccbf4cbd74152873dd7d858afec982a736a0a9d909 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-101503 Malicious code in dgjuog-devapptea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e588fece1302e6de63bcb0ec684145f069a4e8da451b266454066039ec367c6d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-107076 Malicious code in physical_possum-apptea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ef7b1af2b5b189e8f2f234b942b69fd165a71cb1b4bf8bcd44186779b4a0829 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-107746 Malicious code in raw_scorpion-silentdev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddd5150e68baf2190448387a714a50aa8ffbaa86ebd5590c183f26e90f2ec2b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in assistant_bug_green-2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af34df565eed1ef7190534019c62c1399567924d70adc123446c90a33e87b059 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wasteful_spoonbill_jade-43 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee0f8529c440cf0609f6cdc61f5ad5c86021a48ba2eb89619dbd00887ed59ac9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in free_lemur_white-87 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9b6d27b83d20d88653fb6502f52ce37c244c14ce9ed22ae0a7fa1ec9b96677b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spicy_aardwolf_violet-44 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5cff44a669348fb7d096825d2f21b2e3960397a08850d95707eed624c035ed0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-100889 Malicious code in constant_peacock_emerald-14 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6ee0a0d9c8c2847ba98f2c7cfe72f66a973abc50b9425dec71962bb81a916f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-105192 Malicious code in linear_gorilla_cyan-62 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4fb54fe60ecc7e1369fce16747a2847ec7c33ec12324e45a00b614a0b1d0445 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-101864 Malicious code in easy_sloth_teal-69 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ba460a9e17ff728c2d681aaaa7dfd027aa62c45faf3abdc9abcd20d9ef7ab4c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-107801 Malicious code in redundant_sailfish_plum-22 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e3162b7e997616d5075209bee5c8b20c0ee6b4b3ecb67807f2f3fb20b59a753 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-109812 Malicious code in tragic_locust_blush-20 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e39230f88a19e9c037775d8ae6dedc39fbe9bc71bd0c9cb04c052ab048b09fe1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in irrelevant_carp_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6040d94dde3219fc740241c7cf26395cea41383d8a05b91be305909206d4925 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in static_orca_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6e1e1dd02e48a6c7812ccdb6470153f3dd170bce385e25c339ffa697ebad8c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in managerial_koala_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f250be7f1a047124ac73dfb5637f5263a132cedd296bac6a3a74e0af1b1989f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in unacceptable_kiwi_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0482106b7560ac64d2b186eb039d4686790497bf4d3abf20bad0829dbc125a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...