MAL-2025-166101 Malicious code in slamet-poke8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b7497b7b4731adf26ab8d4297fdf4727fa5e9b73808ea3319fb904d609f9069 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-169499 Malicious code in uaragifa-afaoti-urufuayo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2eb94caa02d906f44003c219f716a9a826bcdd4d59e71b4da5f5a540622f744 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in angin-poke16 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e803dae050f6543c61d95578329eb90f5cac60d91eef7f266cda58cd5d75e4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-147366

Malicious code in uafagarug-midfafoi-sut npm...

Malicious code in yuda-22 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e26aabb3e3087ae5a34ef6ffd05e4026dc57877acb000abc94f3f966cc077da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in manusia-taval-maoi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e3bfd160d979715643f628611af86c89d98544be09f726cb59e9cdf33a6b1c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-163446 Malicious code in nokire-sekiya56 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6636885b62af8607b7af8cbcaab82f74fa16ad66da52b4abffc764143d6e70a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-146669

Malicious code in upilka-luzimu-kijnuhigani npm...

EUVD-2025-147517

Malicious code in trevora-cir95 npm...

Malicious code in piluvaika-kaiu-nubuli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e70bf791f4d59beeec6fd476634496370654cf12b7dee7f984b7f3405ff7633 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-150477 Malicious code in @miptaa02/adahfe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 874e315be2cb8bb04dcb743e2890cc3c8a10df79795ab5a1e2907dc8afaea4af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-154186 Malicious code in dajouka-sdfaa-sd3a (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0a552e53938ad63a678351df56846b27fc4e8795edf89a7c9d2d968c93c3440 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-112234

Malicious code in javascript-indus-ceres-ophiuchus npm...

EUVD-2025-116575

Malicious code in apollo-repository-uglify-js-nextjs npm...

EUVD-2025-116032

Malicious code in bootes-algol-promise-spinner npm...

EUVD-2025-124176

Malicious code in oberon-firebase-jupiter-winston npm...

EUVD-2025-123032

Malicious code in pyxis-terser-dactyl-rollup-plugin npm...

EUVD-2025-115245

Malicious code in colors-testcafe-uglify-js-karma npm...

EUVD-2025-124358

Malicious code in nodejs-eris-izar-semantic-release npm...

EUVD-2025-114631

Malicious code in dagda-nodejs-magellan-mysql npm...