Malicious code in kapvino-socvni-famabavpvcavnvai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1608b94d75b68aa558da2c6c7d80b5e63ede6541591a2826eff9d69234a9a4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-165143 Malicious code in riyanto-poke36 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b6503525046658a5117b09da9586ddde38a9a788a102e9c57152cd118c1b578 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-157611 Malicious code in keyla-poke43 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0503486347f606f86ed470cb398bd754df2714fbf2011cc7bc9167cfca61c3eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-160100 Malicious code in manurung-poke8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11908a85bddb468dcadf339969fab0e76a571883a83b9fa10f398fbd9519540c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hexo-changelog-sagitta-nconf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f4530a5fd230ffc6615d6cacdc70a3aba46b71e960378c617d3a6f453067a59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-103965 Malicious code in immediate_cardinal_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be1bf918b108532b85b1f5f944863f15ef20fe15628e76c4232faba252d69dc0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bella-kolak88-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2710cd1ee607d27ca93a116aa075f14a56da36ddca04f72011671bbef1fa2eec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-65635 Malicious code in tomi-lutis19-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d73e52cd9a8f07d37e450b1fcfa637fb0e80c6fcd83dae47a0a0e0db8b2cd8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-59052 Malicious code in udin-kacang67-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb10298d12b23d7b7d996e5e74c794ce9eca703ec75050bec7f6226ea94aa8a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...