MAL-2025-115143 Malicious code in kiki-empal71-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 661b0c8757f75760b04dec2fe915615c53813e190f71830cf399147a57f654bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-115804 Malicious code in melodic_warbler_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f85b8e46d407f282f79dc32bf4503826d278606df473513791d51d507d3d04e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supporting_goldfish_beige-80 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 925cdc5ff98291cf8bf805d412bae8bb2efeea163ba24ebc76a72a6133ad5ba7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in relevant_asp_copper-76 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07e22b47c4d55d53c77a9666f80b6b5b86a4e0feaa0da7d3aabbf076e7955999 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in injured_hippopotamus_violet-57 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 813a4190f464b6fdd93ef549da98a052f14f953ef917efd869085fe8ba4db6a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hard_camel_scarlet-90 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9fae818680a42309ebd6e7b7594c088d14c35347f727bbf1827211fd7220d6d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in blonde_buzzard_amber-68 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be52c576a880caf1df214ea105a939305bd823e5b3f9c5e111e45bd5aa1aa40d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in brainy_ladybug_plum-35 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fe5dae712d3bf26888aae3c812ca5426c1a35b7eb290a7d8e2524d4ef2bbc24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dusty_buzzard_rose-65 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b940cde5e2441ec7a9602d30afed8475d586e99d23ae1ad7cba5391a13777458 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eligible_dragon_scarlet-8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31cc86f052865a20cae867088bb1b0d06eda1a90572a663223a264b7db735790 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in firm_baboon_plum-71 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97639ba85698594119dcd40f1797cb990621ecc128f554c9c48e431708473d15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in flying_porpoise_copper-85 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5240857a43f6b1d94fef2b6236e96b1f610a48ed7430911daf01031103b87c69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hilarious_rook_moccasin-9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e50911eb79ed1b70c5b5001a6996d2f023558e383e3482d819f0c4d3c62dbbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in key_albatross_orange-14 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d268671cec5e80ea66cf5a1827f8ecb2eb829ecd76db8d634c71ff286e1f1e30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in medical_lungfish_blush-7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6af0ff2da23d28a9100dfb44e51bcb3240dd805c452977ca08c129cea4b2f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mobile_locust_beige-28 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09df6368f58cc6323662ed44caa8971725e57076404ea3ca38769e7b825d08a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in olympic_tiger_turquoise-63 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d8724a22e3c77f90444c29fd550e23b043a2dea1dd20d55be2f33a7206e04a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in oral_ocelot_red-15 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6666ab1a876fea822d1dd932b417e25522972290488f2a615324a7536f37a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in peculiar_haddock_harlequin-62 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81624cc61de0279de2a2e40826a7d59850a289bdcf7831e2a88517671b282c95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in respective_beaver_gold-99 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de3b3a9fbb6ebbbf4b85234c9ece980fd4ba1a0cc6c72593ac2e9826c798b45f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...