MAL-2025-165282 Malicious code in ruji-9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector add836ee41845fcaa3aab963631f2597e7cc07cb968bd6fcf694ee45d3cdf6d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hermes-acamar-pino-pretty-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 145f910abe8927390314d9dd02154054f3ca7651d75fe2efdae6636290baecd2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nodemon-rollup-dactyl-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2b432f0b0c2f9f89aea56397185205c9ac09c7aba0ad4d26bb0190b556c801b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147578 Malicious code in sadr-upgrade-airbnb-carina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc82bd40d74505d643d24b7f73aa5b7ecceb707e680b6eaf31a2fecd6cda9766 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in noisy_lemming_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfa216ad06d88fa8bbcc616a6f69c5d8d025f6b01cf39628af652b05cef0ae2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-107630 Malicious code in qualified_anaconda_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 357deb939483db8a554a23ce6501426c22deaaee6154e40aa18ee3f737525ba0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-75879 Malicious code in umi-rujak21-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77f0590a2fc65e12e3c5c4a15e3df70373bf87cc112a1d4ffa8a36a500981203 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mad-emerald-mandrill (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e0205f709eb05026eef5b30ea9330dafc4b92e5ee1b45f95368adcde2be3083 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in voluntary_tarantula_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6239fa34a7a278719723908ae306392a8c5e7eaf93ddc1f14fb3dd1fbef75d3e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-61242 Malicious code in scientific_termite_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09c2fb2be8421d3a2efe974c826275e0bebc6ba12585bcf6b4b34a7d09c844f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...