MAL-2025-185658 Malicious code in australis-geomorphology-adonis-babel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bc6492d44c87fdb81d4918be79a52ba4d8ee13d391912cb34aaa21f5470ae4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-172680 Malicious code in abahhh-putri-tea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602e48849f1fcadd67cc936c1224f1c02b89d86597a80bc84a35d6db826190f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-177028 Malicious code in nuyar-adair-bun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32593ad9d9efeafc6dd5c1ac2a7f1d042ed3e3270826c674e346c136479f058a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-175107 Malicious code in kapo-sadamuda-mimaua (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef3ee69fe49c4bacbdaca3cd21eac67cd73e7a63037be8c8cdeb5421d80fde20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-173262 Malicious code in buis-sunina-mubanav (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b100f9fb81194e6a07f9febab777ddf80730cd9a78ba4029f6fc6a27e619f93f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-176639 Malicious code in nuilva-bava-mabac (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f82f8e52249f143398dbbe68aa329dfd21622716f1467ac611c50f48786b2d65 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-171825 Malicious code in saoirabyrne (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4df8ca8a55546831a0188aa4fb3134c74a4c9a343f83e34f3ac1971ba021276b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in uaragia-mudahi-syuf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a49c363aef4efc43e4f5a8df560a8a9ebeeeb0bd286245cccbbb9a9da98efd9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-162883 Malicious code in nokire-loklok30 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca6e10086154945d4dd324d1f0886ae780df842b263f8e9ea5d0755cc6444e77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in xenon-quantum-miranda-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ba820fbc0946efc9d780a1b72f8ff8568751a753d5d5e8f4e49fa52579316e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144440 Malicious code in lint-ini-carpo-aldebaran (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 710073126339c59eb7484057356e51e3da9dc45a7611ec43e102dada5d735dcf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tailwindcss-playwright-lacerta-hapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1208ff45dd006a097793072c093d443a2de50d88981ecb93b4111e96b46ba2c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145027 Malicious code in miranda-css-minimizer-webpack-plugin-soap-ora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a78c804487392c81ec4c5b2f22f56c86ca956fd102a26974d8adf7ade602ba8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148568 Malicious code in test-cross-env-json-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ac2776897fa85ee4c9d70fe5522af98d5ad8fee59c900ca63216b4324d8f89b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in temporary_shrimp_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25814348dc774bf345c9550c3e7dbe398ba82a00709d6e96d240fb323b339fc9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-136952 Malicious code in sinta-mangut31-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9b404daf32f27a6d1e3b2de1129bbfff2217fe60a7ce05af9d5fb907ce8fb57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nurul-ragi70-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 919f16095e5a8a345fe6a1d72b6a27f953c8ce46834c5f9dabf67dd0d993af03 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-125853 Malicious code in dian-lontong13-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 404005fde205682ac1d3563f55acdfb6b93d8d8ac03a0c56cbe08f87fec9562f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in intensive_macaw_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1b8e3ae041cafbfff646c6976396d839a97b3861e34f63348f17078a8ebbe26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in peculiar_salmon_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f5a47cf028d19b80de9917a44b3d5d1f7d942a7b61174543d13f8484d895902 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...