MAL-2025-189688 Malicious code in stream-sequelize-writable-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fdf4cd8fedeb6040c6b2bae5b893aedc5f019fba5512dc35e0ebc2a03cc4b8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-154380 Malicious code in diago-kamoi-liumakuakoiamho (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66e8a3f40539a1a79ded3e88f7729523cc27591b13e102b4620cbf99f2b850d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in websockets-cluster-puppeteer-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0ceaad475d9d955f6b6f6dbade90cab89f4baf78f94279c6647fce157b11494 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146558 Malicious code in process-mysql-cosmiconfig-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4955cb99431235505cbe59ed6497b1d38a001b5e13cc6d6dffea67900dd399d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-130552 Malicious code in tiara-keripik16-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cb2ab1cba9af337ea84a79848dffba5466bd6d7f02319f7db14465228f5e1a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-116068 Malicious code in nuclear_bobcat_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69e4a8abf04fd88951dfda384cbc5650480f089616531b0f0132f0edc6932ce9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in previous_basilisk_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cf9d39770379de148c7a8a9ca1077a9a2a3977364779d0fc920a3b5ca951584 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in putri-peyek84-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 230a16e15cecafcda31d91e72250983fb158d70aa416e6682ccafc9f38df189a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-93253 Malicious code in applicable_marten_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9906cb6d5194ff5100f142eedd042f4bb7070f0269c3a084e4eb120971f31933 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...