MAL-2025-183356 Malicious code in liobc-ug-agufiaidug (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a37eb2517efdc8dfa34838534978b6919a230971b84a686c462eddfe3791f191 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-176638 Malicious code in nuilva-bava-mabaac (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce1e1aa6bdb6a976d7fdea911ec0b0c402f72bf3b9bbdf27aa8118e7812bbe16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tadashi-tssu-tasd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47d06e1a9152d3b1ab068f8d125b9e8a9e25a16214fe1246e6d0192d97b13583 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143982 Malicious code in json-quito-iota-global (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1c0e3325d8d47d15eba3299ca70e4c7ff9e8f133b357c261444fad5d82ef240 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-123181 Malicious code in sexual_aardvark_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 082562345c24fb27ce49be69dada97e8b57b1d173970cc55f5cac5d6d9443416 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in academic_mandrill-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9aaba5eb1327b851f30f02a0d61a6833aca93c6f445552232d67e9d347794ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in abundant_buzzard_0xrequest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fd93067f06b069d3ce7bd8ed27abba316b3b21a0c181785b08134da395ac977 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-110389 Malicious code in vera-keraktelor54-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa65d4e799c7cdde6fcc33d1c7dbacdca2925477795da8b84a8480abae701205 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-94634 Malicious code in fundamental_amphibian_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa564c94af8ec1fc73148b64715b4e4b299e91a1e6d62ebbdd874980d82ef789 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zain-gepuk68-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7364ff55433ade2058cec7d3853c1f8fcb1236318028908bd0440a81f0c01468 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-79469 Malicious code in kurnia-ronde17-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed27065940e9befe819b309fb1d0171d65fea9887cdd40cc0f8b224dd7c3ac4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in creepy-tomato-possum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae0828cbdf71c3f7a43bd195c61273c4ca60397e63d50a41a4b2a95f9b9be2b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-59566 Malicious code in xaver-mieayam5-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2effbbca6e7c220838f290ffc3536383fa65a85e06726404fca5de819893816d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...