7 matches found
MAL-2025-173390 Malicious code in buta-fbna-nafifgfoafa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9c608a9f0c4f1350ee0fd930836db6f5eb2d803b7a213270ef403afb46d1576 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in transform-helios-jekyll-spawn (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc021b0668f909b84b57151c40a8fc0e71fcdfb248bc540f7fffd18a761d5f27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146368 Malicious code in polaris-slides-javascript-sagitta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dea543f41810be6c3ce630f5af28173f14cbe4d825d2570aa9820d13bb7b1da8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-92004 Malicious code in wati-empal54-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a330f71e8d2d5c7b4a12b4cbc65fd4ea19ce2e9fcb63ba260d72272414f05f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-67837 Malicious code in domestic-orange-capybara (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d26f0ca5f657b80fc9036dbfe2f6e4a804d35ce7b64dadd48c7973822c04a9c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in near-orange-raccoon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90a35109ed738f41da92608770c3c65c5b7599867c3634eadc60eab391c14f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in notable_goat_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e6dcbabe2c2bf3cb3a662194024f1c6bc0147abdf614d37f4b23e922fa3cc31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...