Malicious code in java-socket-cluster-decode-catch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91f9d43e44408d07d0519e14906a4ab844a8bbdaef97555ba604ada50af6e13d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in manadsi-sfadia-maad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19e147254c0f91f5a75b7f785868bbf119540965438c955b13989e22dcbe5b59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140282 Malicious code in cache-procyon-markdown-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c0a5ed9de61f271e486d7001316411a5cba9e130e1850a2cffc40653b79943e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139693 Malicious code in auriga-xenos-command-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fec3c3ef11e14e50a517e63caa9aca355427c437df4d625dc2d40a9c70a4b22a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...