MAL-2025-157997 Malicious code in layla-poke15 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 704083e84127cc005bf97c0e36c99aee8c40133c913ff7259c0f2c45cb3bd578 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-150810 Malicious code in @miptaa02/lob (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 265474026f7bf591c996644f3b2fe074ff590815329dc755635fbb59b9331cbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in just_sole_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3821b35a45cb45e06058ae023b34c524711da17fd105c978f15b72616a9fbaca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in thoughtless_monkey-silentdev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a893e57b2b343bd5032fbada53cb1fb726485fee568792cae60d7e49e69e8818 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-108594 Malicious code in shaggy_platypus_0xrequest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 690b03bf6c3f58fd2d99522c7a0cfcc654418575f53c5414d5c0bb62a266b9ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-104072 Malicious code in increased_duck_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5ec0ce729df410dd19b0cffebb6e7287e43d252267ed0aee9a73d1debdfb10a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-80771 Malicious code in putri-ketan7-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd6c35413cd7d80a242a92c76ac80314e499899bfbf445e6315b28bca1c3b12b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in feminist-green-deer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f902c7d429b0286700edf5a3c0980535569b876195f1dd991197ee4c9369ef47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in entire_termite_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6d1a50faa6467905c5cadb3bfedc90668d8bf88d2da89852ab195cc4d5e12d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-64789 Malicious code in patria-serabi60-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a44bafce7c2b2c55e9c4ed941745625f5b8028f766ed3af00c04bb8e967fbbc6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...