MAL-2025-67207 Malicious code in civilian-chocolate-takin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ec1167f5e94b1bfb198b44c75dc95529809fabbdddacd7308ee7a5beb5b6652 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-66644 Malicious code in additional-red-crayfish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cedec46ce37ac2717592c0826c48e2ecdbef71ad22fadb60b6008ced07774fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-69580 Malicious code in neat-rose-silverfish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd91bda3d1da9dccfda717a63e4fe4f68a0f85518d671810e59c5a0109b65f93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-69634 Malicious code in northern-cyan-condor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e9f4dc46303416f08d3467d9fb21fbe4feb5366a6c451d19beeadf513c44694 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-70468 Malicious code in satisfied-rose-panther (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f5d644e3d58ce9e42c5779266e2bfd7d4a037c943fd841ef2e8c85678c61543 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-70535 Malicious code in sensitive-white-dragonfly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0319e988b13fa7e95240e108d512f3c2c4cfa1bd9ed8774ed089493466962eda This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-69477 Malicious code in monthly-emerald-scallop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fd842fe6b3fd1216a8a16c2f1a4c1b37a51d3fdb841ad93928b4f4c73372c7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-69277 Malicious code in male-tomato-llama (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfd5c4f438a14f782e9e5308c56c35c3cb4e4c3b30fc85d1de80ccf9e28be0da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-67174 Malicious code in chosen-cyan-silkworm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2cd2fae4f54a03ec32a8320921731f7c0b454d6ddf2fa1650300b75081df8ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in frakaman (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4028c36c34d44f8058c4266b70a252599c52dccb54fbdcb52bafbb474d397e76 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chronic-indigo-pike (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d2a0247ef867054f94aa572f42413e5f99ac3802e6898f3390a754b7ee29cbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in respectable-red-hippopotamus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c780ad6a1b712823b5021ef843fa2664d96cbe0135e93b9f9b273a529be58e71 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in convenient-orange-aphid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81144cf58581c84d2a615fc0b3466e16fc89452f8ace46139c0299f887c61e2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in round-indigo-goat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5fe5ae50abbfb1e3aa57661be87f140e791b39e674d918527f8008225a5b038 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-68653 Malicious code in healthy-lime-bee (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 195bbe9431c1591e9b6766a5957387f93714fb51e019d129e2385f880a306aed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dear-amaranth-prawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 316ac42a731db170e6c301e5a36d56a18f615f71f22abfd123aa68abc184eb12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in applicable-amber-canid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d07d8387f77dcdcc6e6bc9586eb3434fa69ca5fa6f36b17c897361e31c7e9235 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-71510 Malicious code in vulnerable-plum-bobcat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8636aa46a14abec32cd056771fdf0e8b7ccf52ddce2d1374613ef1b252862a3f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-68721 Malicious code in hostile-rose-crane (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fc544884a9fcfa4d0ca3f4823ed7420bf54e49d5c0e2a0c3d3e1b5ee9ea17f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-68826 Malicious code in inadequate-teal-shrimp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c634bbb2a7ec8a5a8b68c26702cd247255594cd5ef8c755b3d6814212b475bbf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...