MAL-2025-141201 Malicious code in cosmos-browserify-transport-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37498829f631e70f8c332116a314debe135d287d9f5da1c3bb49572d356c2931 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in node-sass-auth-ursa-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d1d32c1b5d407a6418140a9935485f4f0908661c8b028023df0857f9c764648 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144757 Malicious code in materialize-titan-start-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f008e3b88825c9a54a226f489afb5844e6528c5993f15a38561ed9d9583853fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in private_hawk_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14a1383a491ea36cff8be44e191693564524a2250ed2a22b97fc2ddb7dd887ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dono-kue67-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13c79fc7e7e929cef4560071764888244e4a52f4e3f647434dbf8ed459c09da3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-114634 Malicious code in high_catshark_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 075077c632d7884e03f5e08d9ec76889120178c03e84ff92a318bc27b046c5ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in stable_flamingo_magenta-21 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e8958bc46eb7a35cc67f195654cb2a6ada99cbbc4ae19ea250485cff220472e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meaningful_impala_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a769777fe2e0d5e7a70cedcb5c927a3b82aa7953a57d274e8b9d1afeee884df3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-92464 Malicious code in yanti-gandul32-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c795f9b76889d0dc4a0ab9a86520e8affb264bc70b0c5f4c5a875caa789b1f84 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in putra-nasiuduk72-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f2bcc76e2efd0fe655c46553ea35aedec2777e68ea74fb18acb3b3f15635678 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tiara-klanting58-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0569d4e25d9a1445720965cd7403db78e5ee71b539530a2c7d58bb71d1f7751e The package tiara-klanting58-miaww was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...