MAL-2025-181531 Malicious code in roti24 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e542206a59312264f9d5e0e96384b59a673e6de21f23889380866999b563cd0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-171488 Malicious code in laurenkelly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26c1461526b6d90ecc33944c2e8503826f815f14e0a404f564ac91bdd2d851b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142767 Malicious code in gacrux-google-build-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e1026076b8776a5abf64629bc49bf72b89ae170bac59cbe6d152fe94085f49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in json-proxima-tailwindcss-typeorm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb74997a4a6c88093ebe105687a6d4d7790592f71e1bb9ef948236906dcee08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-113659 Malicious code in erick-brengkes62-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc912db070c51c75e80225e7d9738871aa8b581e068f2a12623cd32fcb116b32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-100312 Malicious code in certain_grouse_replicate_automation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e803b0a88d3139a42491041ed00f7a5081e3bc63f095051c36f8fb50c5e598 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-100545 Malicious code in citra-oblok58-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34d7e9dcdb2e6dd192443fd29cd13a204167a20f138d1d91462a04ab1a74858c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-98178 Malicious code in nina-lutis28-puyeng (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 086c6dad11dcb054b96047f878d605f47c1209916e2bbe7a19562b077448b2bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in capable-amaranth-whitefish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00b490076ee1958398882df104adc0f43f86da6ecec3e6f089bcb7241647e2fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-60196 Malicious code in costly_salmon_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3949a4392a90085b1b5c2863111710572fb18ca58765664d3a6399cb15cc7afc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...