MAL-2025-183418 Malicious code in lobac-ubb-avigifagu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5aa24bfdee3f8a02480b5ccaf7e982daaf39abcd6b249a66fa66f35022b2a6f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-151433 Malicious code in abina-mibiian-upmia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36547600eae92429126e53ac613f191bc131def7b3eeb5cca253b6d3e18bfa40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dagda-convict-nova-mongodb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52298d621a66fe7a0eb02409e2c6b190bcd68b50065d077d4702828ca83313ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-127889 Malicious code in kiki-klentik87-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 218c5f78811882e9efc6c4172c18e764e1c43575550a6046af3b006507c9a88c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...