MAL-2025-181747 Malicious code in avangi-ogolia-inualubami (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4e2e44e7f5cfbee56d522da08697fade27491250de94613f8f6bdc9625e4829 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in @mipta1/yisaf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fed91f32ffa1a9c64b7a7df3ec039e9fe8637a76ef322e09bd2e9231ab0a6ed1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-156268 Malicious code in ilop-19 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23cbef1eedde414c63b210be73593ac0735322e038e452f163787810ea7b4081 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in magnetic_antlion_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84a28a5d45cc30623b4eb3f2f4d00af7b0685399ad2af182843cb62f9eb97d60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in putri-jus19-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d4005e63dc12a31d846050b61fdbc8479ca6e61755ee3bae1d9d0eb0f81d002 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in smooth_lark_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b2ac18ba17fd0e26251b44dbbae885a707bfa7007cbd7f6f35168dd8b2d31f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nina-kue83-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ac57ab49b25b2312ad15f08c766f55ca5c318ce3e6f4281d1ddc0f43b7365e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in diplomatic_raven_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 082df83cb0846bd1c28250356c7ab578094c781b4ba7617fb0270e66872ea0a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-74124 Malicious code in lina-kemplang12-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6b23a04ae12f7907a815317bbe893b66a34b7b6ba4dafbebfe525554266a5ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hadi-buburayam57-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c86a051b38aba324eb5efcca4684be20ee8206514898a9f4407cfce4e2cf023 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...