Malicious code in uinsu-loti-nalu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffb5465227fdf421121f61e3f8234b9197ac9876abd78c3089b7a5ce86b44bbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-166247 Malicious code in sunden-diak-itarukinyukia1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6e2ec17baaa8f02e262a4dd450b142cbb38ad4bc1215657101bd8561be48f8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-167885 Malicious code in teagood-yakuna28 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e588f5f9f566a97667a1bf9869f24c063e370454331d1f87ce24956a64c6a23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aether-nebula-sequelize-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0094de2b5d9b566517b29185064674e61f7198e886fd9ff5e9bedf51bd2d6f3c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in altair-scripts-dagda-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed3a83b3d29fadebfc93ee31ec22b2fba479781dbec590684f1877f0b2d8f572 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in scripts-semantic-release-galaxy-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dc373eff89a8346915f7e86bdbe978bb844ddf27580d6e384ee21fd6bf5e29d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141532 Malicious code in deneb-astro-xenon-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c30df2abcf22f557c7023e22a337b453c8f6233b50a59cb850d624a11cabd466 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149047 Malicious code in ursa-centaurus-writable-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5379b0a5275af4c479fedd6a9b9d34b4460d265c5d39964e6c6902a534b3b81 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

PT-2025-46571

Name of the Vulnerable Software and Affected Versions a+HRD affected versions not specified Description The software contains a Stored Cross-Site Scripting issue. This allows remote attackers with administrator privileges to inject persistent JavaScript code. This code is executed in users'...

MAL-2025-136219 Malicious code in patria-rangi38-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9c7a5e8c99f1540017df499642849c24f47a7b5cb52fbff1411ded615dfc752 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bambang-nasiuduk23-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c185cdd276a1e9fe3f84c4e519f8cb3c500e096843083a776f5d56672014e098 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rina-lodeh54-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb9b7746e295212fd56bf116915b8a39aebb8f82d2af8dac7a492760a27837ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in corporate_vole_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a52a7a7f83a1213b20ed38738b9fc28c01974fb4c9d0f8f6ff3ce48121ac08c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-123457 Malicious code in surya-lumpur80-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f90a7a94a0abb52aed02d02dd8eff4f71bffcf5d94ae885bc224118c3a0602a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112641 Malicious code in alternative_squid_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 599ec935bd662dd20e395ecdf4689ad5a61e4d4080a800f0b9a425ef3e598238 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112183 Malicious code in persistent_moth_blush-42 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36ed174a62c9818b0d243d4632996727f416ab563765945b4bed89f0ea9df32e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-110905 Malicious code in wide_mollusk_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63be89c0337e8590fd689695161145916d18c9cfb1a51219cb62de6056479bff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-96290 Malicious code in remarkable_starfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e8c2c19aa996d87d2a33b0af75fda3ac7cf2ab70ac132ef60c3f38894882983 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in familiar_firefly_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dde47e4da4a3c9688ef9561c5a478082005afb124d70c6e5cb20d374b443c00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-80581 Malicious code in patria-getuk88-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f57ccc5b901d3754e050063a8c66040b3894ccb57f8af914589e837389149a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...