MAL-2025-156685 Malicious code in inufgi-gotmafa-anamufozai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2962dcf3fce32051f68d174c4ae17c790ac440921b2c146af58815b9b7a8cfb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-153222 Malicious code in avminah-fagnias-ifiaag (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78173394d8d823db7b2e072da1a1bb6668861fca40969213264bb97eeb026847 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in transform-helios-jekyll-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc021b0668f909b84b57151c40a8fc0e71fcdfb248bc540f7fffd18a761d5f27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ridiculous_marlin_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dc8b171b10e7a56f31edf8be1ee25fc60a3b5e3f870cf9c56a2bd5e4e29377f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-123505 Malicious code in tania-ikan86-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76037129bbcd8430b45713bc398eab770e9c125607904659e16ff90fd1f3a61a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-100928 Malicious code in continental_eel_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3b418f4388e00f907c778052899b5be63a56436fd9cf2317e29bd541c2b3459 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-97279 Malicious code in vitreous_unicorn_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d73ac5eb8de1797e8b0e15ef28702d33c37e40e78fde3c43f45765e283e7cc4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ready_bedbug_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38d23c915d90a70ba7b7556bce57eff25d67992708343267ee7504de0f2a4cad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-58648 Malicious code in sharp_puma_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6383c1de3dba79498e8a59682e2f1d728a0007995190bd67001b9c3b87e0561b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...