MAL-2026-4014 Malicious code in @antv/gi-public-data (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

MAL-2025-185532 Malicious code in archaeometry-airbnb-mira-ophiuchus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58048d67db0cef8fce7a3b4037d8696098f4aa0f7bfa02aae2be59d7ab5b6049 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-167019 Malicious code in teagood-lokina53 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c86b6fa36844432201fba1efc79c4a21a706a3e52b509cc2b2e004b014714d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-167581 Malicious code in teagood-nalikoli28 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcb83c5b4773930444a802132a20766a57f9f7d128182310e66a257bdffcc8e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145476 Malicious code in nightwatch-ophiuchus-html-webpack-plugin-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector afd914900fc67827f00e07c2f5c5fcde3d709bb90a7146f51700c73d01e22125 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-111769 Malicious code in courageous_puffin_bronze-88 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc7dfc42a9a767037268e5f534e5e2afec90f86281a60df7987b329940185db7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-97065 Malicious code in typical_deer_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae348827698233b622a0f91ad0533758d47395b4a26cd55f20d92cc3c39f37ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-74098 Malicious code in laila-takokak15-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8eb3db22ba445b4ff76c66d0b6d26a721eec4c83c517d7a0697984cccc999fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...