MAL-2025-142228 Malicious code in eslint-plugin-chai-lacerta-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5ac9c2490e31cd01f911ada3fe41b454765bdacb067fe04d3d6dd4851be3643 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chosen_orangutan-excellentdev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76114e5be17a81cd5e389245a248d6144fb69ab371d0173aa91cdbe956855d07 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-82198 Malicious code in watery_goose_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d2ee9e7fb0fdeca7fd89f1448ac1045897f49a6da95a1516b2d5e2d9337f049 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in joko-rojak57-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc44b6dfd1d4e95f071bd56189d3ab13823b9d34f3d54a0e9393a6c595032699 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-59014 Malicious code in tuti-lepet76-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c58e64145233f95bc09c4d9029901ab0c198505f6dbb63ec63a1d196547241a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...