MAL-2025-183389 Malicious code in lobac-ub-jfggafayuma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c51f790c15a92ef03b851d18bacd20ef9fbd9063892258ce99f1a3e87ca5c52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-170156 Malicious code in upilka-luzmu-kijnuhigihjani (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c16a1116ae92bb7b71cbf1a97f8904d1010ba82c3ef9beddf06fcd86b877329 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in centaurus-mongoose-antares-ora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e24a06760a140827738726718696e4b03089d7bb0d21fc4e206ac055c8040c9d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in deneb-restart-dagda-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9377b78d2c9acb5517a17e4f897de6a7aff2b2dff05cecfcc7fdd1b54754ff1f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144127 Malicious code in kastra-pino-equinox-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eda6bdcbe3cbb6ef8ab1bfa09ae585d6cc0e53b722c68e483091d717214b52b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rifqi-tempe51-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4820512bceb7e6a3a764b03d2b97cb9c7657e6f54f7b58e35f8e4139e3701deb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in peculiar_orca_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d506c31e6a4e2d554cfa592c87982458aba6cc0516b921dfe19821c65ffab7ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eko-nasipecel38-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a70c6706461525b12bfa3f209bef9c9bfa7affe834bbab1587fd74a0f7e9dad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-114932 Malicious code in iwan-moci28-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1f3f1f3199277b8f30684caa7cd5fddd32f1958961aa8c879fbcafb20b12506 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wati-saguer55-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0cc9fa9a549010a41b66dd04ae0093914036460d025e460cb8a9ff0197bc356 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-62823 Malicious code in erwin-rendang19-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87e4421362940048b07bad5c76db4bfd71c48d46a04c688c8778da37f500fe24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-53890 Malicious code in ogi-rangginang42-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ae3e9937d46a628b18043c7141787db41afa31fbc5f63212613f3267a3534d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-51720 Malicious code in erick-nasi20-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 041fd15b7325c73b4166690896ca142303e402c426ad2745c4ce0db4f10179f5 The package erick-nasi20-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...