MAL-2025-185534 Malicious code in archaeometry-cordelia-capella-dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a2c8d6a31e349fd295ea6069c1f1bc56f8eba23734d8405f248f309f202a2e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in itale-adci-ggmatondnru (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b009ff745b4cbefa8b6b3540e35f7a17ea32a0163efccfd3c6757c608995d49a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lobac-ubib-gafugyfaifdagab (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e2aefc55ff7d26bd2f4a9ecc571b80809f5ed2057af104f0fd77d4150d2eec5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in uinsnu-lotimi-kilu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dea638be83df92b9d12c415726bd5aba3bfe960a3f150ca92e98eb1e102429f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-156538 Malicious code in intan-29 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fec4b14b994eadc614e5408c245842d42781b2a0b73c649ef4b027170b5ce970 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-166354 Malicious code in sunden-dilak-nuls (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 766c884e4b509514690629e2d22498c0d4ad48e6c0a689195a6a21f5a0190cb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149103 Malicious code in venus-avior-hugo-epimetheus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d29dfc5e2249ddfa5c95e7533072684a991c589d4977145b7e99eacad78a296 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139788 Malicious code in avior-sync-enif-protractor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89e3a83c0ebc9b62ac07880fd2b7ee24acf354995ffbb017c950d19e49d7f208 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141938 Malicious code in elektra-blitz-development-rocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1db17c3573c2afc48e71e8d7d0defeea06ca90a04b2e4462187b50a5d95159e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147754 Malicious code in sedna-barnard-bunyan-commitlint-config-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39f27119a3e95fe00266bbfda55d5c45c50fc7ef145b70d15e67d742e46f33fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nana-semur56-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a45b991c0f27c3d9e821a6b99ff6f32eddd50281ebcb2e68edc72fa0199ff1f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-136476 Malicious code in qori-ketoprak62-sumpek (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 037503b86a2827e4401b9206e2f04357fa596d1440559b70d4963c8606da3436 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in juicy_coral_0xrequest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3cf5ad89ce8fc314ed30753211bc1524887b19a883efe183ac71c2835d1a1cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-100526 Malicious code in citra-keripik7-remi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55f1f0ef328504d698f383a0295d4b0613960dc45cfb41da251ffb2246f3b561 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-98287 Malicious code in rattlesnake_peach-3-tisubasah (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9748a01cccebc53ea68d87c43c124fc1329f19a170cc71b3fd90e24d38dd7af8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-97104 Malicious code in unconscious_whitefish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a8b839b482e862f199c9e45b8ab84a9a69f1766f1c5940fd1df1162b09de250 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in vera-donat75-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 210efec0c13820498a1db384cd9bbeffe0bdb162ee5c31ed16b39267d99916a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-86403 Malicious code in hendra-lapis9-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da2145a8a98e94ab75978cc735b7ec76baf065f9dce636d4e9f9f070bead6b9b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-89948 Malicious code in responsible_flea_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de1053965ef12c7003303ff539ce828678c9652f427e4a4630c946402501a335 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-71934 Malicious code in andi-kue44-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5da214d6e683ffc1d9305534c3002ce6ba53f6e57411ab132f83da7cca6bf3ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...