MAL-2025-111674 Malicious code in associated_quokka_salmon-48 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 629fad0fd8df97e4bf5f3ee6e1f528d98281d6db69b325764ca634fa5bf6f896 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112283 Malicious code in selective_pike_fuchsia-11 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddaa89e00a2509fa1bfc0ab0e696c826875b3f644cc35473499cf0d9cc12914a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-111738 Malicious code in commercial_barracuda_peach-17 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 889d537975feacdab947193e8ab585e7ba742d02a8313036dd6e669307414436 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-111940 Malicious code in gigantic_minnow_silver-100 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 713198c620745992f508abe85b5e5a164ebbe7310aebce5b9cf7113fb74717ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112316 Malicious code in slim_crane_apricot-72 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 433573128dfd794af420ff91d9d169be45c7714bf0feb80944a3bbaca465137b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-111714 Malicious code in characteristic_flyingfish_scarlet-28 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c6e1a52db0a5be38bce84c4e5f49865ecdb7ebf1d9131e0b36ba18f77f1a360 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112350 Malicious code in spotless_dove_aquamarine-90 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be5649f78ddaae56fb609b7c839bba1a7bc08d28888ae67162ad18bb56560e47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-111929 Malicious code in funny_shark_gray-62 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72110ca0c1c40bf9df1d993e398d4f3387a9bee554b532057be34f34280c9abb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-111781 Malicious code in daily_worm_magenta-40 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20d10d956b2a03a8d770007e1e5505f24b76365470cbfae853a74c592cf9377e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112466 Malicious code in weekly_cardinal_indigo-55 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73ad9292d76d78f6f94561907654f1dcbed93efad692693eb6602da7b66d3bf5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-110898 Malicious code in wicked_spoonbill-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 157181757efabd0daa2b121931e22cd2b7c93879ee0f374ba720ac6c714c2fb6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-108392 Malicious code in sashimi-notthedevs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eeaa658101fb112d7e8b6f00a2925c53d263acd4036b48a6b3add95ea25aee7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-101238 Malicious code in dear_elephant-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0dd296cb8cb41d0994f4b1672649e774f450dd1b5f20f7d09468dd647ea8339 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-106214 Malicious code in ndcsmy-devapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94e23104d1d96eeeae08ed379a2c7ee23b9988a568a8aa1d4ab6dd7fe5c5d9fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in distinct_vulture-silentdev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e87242fba20320f0f7ce67c5ab7dfd7e606a924aad22d9386e24988e247f488 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aesthetic_jackal-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc66da08afd9f0578aebccad35605278cddf7ab9de43f6526c08a79979b52129 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in agreed_ferret-strongdev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7568fb5b6a21c1505290c92c8cb5bff480ca4f626f42de58442f36db9d71051 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in beautiful_unicorn-apptea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b01ecdb73dc88dbede398f6fcc1ead1d85c9c1f8f371cf5cb1f23eea68dcba36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in burrito-notthedevs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f17a38ed4925463fb0fb536a3177c07021a5a208e0f595448073c64eb8dad24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in complex_monkey-apptea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bec9c429090d6c859c96d091477ff4bfbdd25ffbf965b207b7f2bdd4800d0d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...