6 matches found
MAL-2025-182084 Malicious code in gocay-gua-vsojfahi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c6e5f19be6a280ed0a2efb2f97e8fa8891bfde54ffd58b8e9cbaeb0e2aea8d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-171260 Malicious code in ghalibbasit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b19f78c5cf6a263acb76d84cb0416132e26e1cb1b3466961510a6dd0ca44dd6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in halley-xanadu-rimraf-eris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98f36f1b7e62ebc7816dcaa02e95bcd9db3333ab142284de4d97a1321497a229 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bootes-request-meteor-hyperion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d74d0fc73bb54021a4f5141e63b670b81c2ccda4934aae6ce89637143d45c180 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in southern_catfish-appteadev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d734635afc69d2ed1fb39b61e75fd8e5e83bf4765909a44f4a8794e4813d5d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-63488 Malicious code in indah-ragi45-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e0a87a3744b7336c1a7937d3a06e112e4c97036277d42475ededcb6066b3bda This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...