MAL-2025-189943 Malicious code in toml-airbnb-cosmicsilence-bionics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97d44c0c36406daa61d61175a2b7918aa25a02a62761baeac9896e031b80cf96 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185773 Malicious code in bellatrix-proteomics-meissa-redis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3398288809b5c874c3bff20243d7fff802f24671a300ef3bcdcd8e9432b1c921 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-182418 Malicious code in imodiov-kufni-acumnacffgteafgrcavaebfac (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46fcb472cec5586fabb40319a39767fc5eb0dbd07390229f5720b5cc2fdb543d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-182573 Malicious code in imugay-avg-daiugjdfij (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29713d3bd5a94940aa1e2aad74e3ebae48421b3cf5b929211db125d885402c56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-184628 Malicious code in odasv-knu-bonijavfcacvf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f92e3274e0253c8a04729533f498b5d67c4c7d9fb340a23fe69788e9421c48fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-174586 Malicious code in haritono-poke6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 770be846896acb554bf1ae374aae36b8a8e221c2d3380445f515ea6e1b36b9ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-170884 Malicious code in anikapatel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 390bd89273617d3680e7abf0cb3e618e3fe9af19d7880ad10d6e1ec04012996a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-154163 Malicious code in dajouka-faa-sa12a (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6793a7994fa7d5fe691663604d0ae48dbe137c0e57b95f23e1cc9fde62eac37d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-164266 Malicious code in piluvaika-kaiuabulibu-nunubai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 800e87cbdb51eae33c12061df8842e37e72f87416ff5a934ab22bf7896ada36f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tusaaya-s11s-ra2fe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93721ed9d417a14b3a2b2939320955f8764029b7912aeef75bc4dffd335a2130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jurss-gssdsad-14s (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af7627038f3a39866960b65b06d579566bf4c6d8e21b7ac5a5fb32057b8a4a64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-151104 Malicious code in abang-poke9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f680ae04c31d3a4e7ccb4e5c1bd7fad772df6446a97131cad047475e05badee5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jeep-poke12 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adbdcd20d4a5118e3a20196d51fd8468be14fc4e0f4fe5d79ce3775f92d8d9ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-163449 Malicious code in nokire-sekiya58 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48f130e97693e1542f97064ef95ee26011e7c246f826211e772f5ec7fd884e1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-156740 Malicious code in inufi-gobai-jagigair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06ff2693efba5f42274d30a9ca32ec16097fe4fee316784ae9b78077b87f5d30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-154937 Malicious code in fadila-poke60 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5e0635ca7f5b027dea7ba671b4c3b18e929761ddd3c87ff4beeb3d198b17738 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-159045 Malicious code in mahnud-magu-naikam (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cadacefc174bc23fb44380f2596c0413ddbf6f264712bfb5c72acb204663f71 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142193 Malicious code in eslint-config-bootstrap-cosmos-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddab306ab768aef4e01bcc7b04a30047de7b94dde56979b39615ba7937b0b938 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in build-socketio-enif-mutation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ad3112923e340d924bbe9b609468fbed79b3805c41fd9f6c46d9810c00ae930 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148307 Malicious code in stop-websockets-spica-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea1ef2938b730cd97e02dae9fec4f5bfe408c0438a5897d9aab01b98b7691725 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...