MAL-2025-154309 Malicious code in dia-27 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cd0769cac0a842fd220e0e01e01faa7f8cc1e51330080a63eb0b94900f5bc3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141692 Malicious code in dorado-local-dotenv-safe-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d65cf7abaf0a3cc4bc9be9d18b01ff806f8e740363dee4a0772a1daa3691af8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-78850 Malicious code in ida-gepuk2-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91997c422ddd6e9a2de649d086aeaeb8f40509a702c81eacce6531873964c705 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in erwin-lutis55-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fc70415c7e518a90aed2be272a6c72fa5e1ef9dc9d5a72ebc97579305d4bce3 The package erwin-lutis55-riris was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that floode...

MAL-2025-52467 Malicious code in tomi-naget4-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 439b4e0b488be60d5686a5e74627968617441fc29dea6d1f6ac5c72f5c627ff3 The package tomi-naget4-sukiwir was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that floode...