8 matches found
MAL-2025-142941 Malicious code in global-leda-xenon-supervisor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 711449061c304954070a6e0690741a6de984afff904bc2f2fe9f6e481fce0a3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fundamental_quokka_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8cf4548e76985922fca610f303a63cced4b11d10c46c64a1cd97c7ce7bd0476 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-121070 Malicious code in joko-ketoprak31-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 332de84764a468a599484f59485797e7a54f8d0284f45e97840338114dd44dae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-118466 Malicious code in zaki-tek98-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5728e234c9dee35bf967eed06a7f87c51e34fdd560cf639c9fcd9b1ca194847 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-105978 Malicious code in mosley-soluble-pot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3f54f9021e6947c90e9fc17198ee6a2dfbcf924569bfc1c5c5cacc450e18ad0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kurniawan-empal58-apidev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 556cea6631a1809bf07076c8f8a965015f3ede7ad69b5db5086a33fa410a9c88 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in royal-olive-limpet (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c341bcdaaed3945acb51c1312b486e22ffa89bfd0169328df8631862d077bcb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in persistent_rat_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51c1e4fdbcd72076b778b77b23d9e69a35aba1e1be038aa4e831f3eddd21973f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...