Malicious code in resolvers-auth0-version-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af4e728e0527b6001c2f08d20b3cfd6a79fcd5d20e77ca00cd55be6186710444 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-hermes-polaris-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e60303986771acde3d009f66e53f1bd8499ba9a4b0e3ac95133826c43640907 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in blueshift-lynx-dotenv-safe-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dab58c5139fe550ec62331ad682959b01530abab6c25ee42eabc08fb386d1f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190423 Malicious code in yaml-chi-cloud-nu-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f23374d8415feaec69ffee45d782c1abaca7d176af8b9626e1a1ce2395eb60d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186730 Malicious code in enceladus-blitz-lynx-corvus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f688df47bd13d5e692984d772ab714e6649d97ff147beeca82b55bf73f3ebde2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-190284 Malicious code in webdriverio-umbriel-sequelize-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 367388f26f8901408f98dabc1ad28b7b62064486fc25c56a4c1d0405469cb2f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eigenstate-spectron-loopback-wormhole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0460ccbfd41e51a0714ef69bd00401d3487ca8ab7f70a90e0377723fddd725c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lobac-ubb-afa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37227faef04f109d8d7ea10d274503d937ede9f361b00722bfb76df38f5b01ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183835 Malicious code in masolv-ilo-cvaginahu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bff28b98af7ac7a673d80d5a2d5ec49dd7051c1c277ec7a387cd668081d21cd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183640 Malicious code in mahnu-noy-gitsogapo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f5e7e4abaa93bf15bca06857d17ded1ead747ad733b68d361eddac437bfd95d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lobac-ubb-gafufb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0c27e8dfdd75fda48b9cef91946d865c73f5c24de991abd12ab8ea9050d5af4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in flights-ilutg-iduhisa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0b31c70d46bd76f0e997e469790865ebf9ac8591572d39048e0d42685af3299 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-184426 Malicious code in modiov-kilan-avumanfaiab (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca0193fa5b27956614ea7deea4443848d080d23fe6480a9dc3663759267c510d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in mitoko-on-lakia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e42b51d885eb914d63a3cd8c4420754611482c9140ec7d0ad58f939701cc25b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185214 Malicious code in sonic-os-fusiaadog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e2784c2073485ae2b5cd89d5d067d23f8d93fdb0fb44818f97b557ba7cde626 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

@akunsansan0/jorelat (=1.0.0), @akunsansan0/jorelat1 (=1.0.0) +31 more potentially affected by unknown CVE via teagunup99 (=1.1.5)

teagunup99 NPM version =1.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on teagunup99 and may be impacted: - @akunsansan0/jorelat =1.0.0 - @akunsansan0/jorelat1 =1.0.0 - @akunsansan0/jorelat10 =1.0.0 - @akunsansan0/jorelat11 =1.0.0 -...

MAL-2025-181059 Malicious code in teate-thy-sonic-voswab (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f61512aac3d738995c492c73081860060a6e8d6c4c9d05eb3e3457bfe6a1d41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-179483 Malicious code in anabuyil-inanhu-ninni (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0631d72fed46cdb91ad5762151f9b9c07a819a6f1faaabfdfd54f69709bea34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-179937 Malicious code in lookingan-nanakila120 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4e4f19be8bdef8d85135022dfbb8d785e27d9471f3cd89d51f873e9be23f96c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-180449 Malicious code in teate-thy-sonic-gutaha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fa8fa713f088cc3b663ff0d9c601a4d23f28156feb8c10246dc03f926f865eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...