MAL-2025-186528 Malicious code in delphinus-passport-blazar-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26a974f550f97765a27cf0dd39ccf00ede03b43347eae79c644d36fcf7260c87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-171833 Malicious code in sariputri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f539e6b96219ca80a488f46b305555f1755f26ec8a07ab226ddb14dc734d489 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kuroichi12-dfhsahj-fhjk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24ea53490e2aa7c80aad82e7d6eabcccfef93a454a05c0240190b7e94f653094 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wezen-yakutsk-semantic-release-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a4e7b890fb897fd79c169693b6eeee61da5201a79ed6c751dd02c5fa61fae4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-91068 Malicious code in tiara-kupang62-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ae217652dee300e746beeb7f58e17e54a4cb47880d05e839f4680ee8c00f7c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...