MAL-2025-162920 Malicious code in nokire-loklok64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 118d7fdc0f23da8a7115a001c5544f833afeb0b807039634a3d5920d348d2bd0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jest-meteor-centaurus-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbacca549b788fec5ad0c9e1142e7c3f46b32be1fe505973ced9b749179f29b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in node-config-upgrade-library-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5b7436d1c19bd4ada5702cde9f3b4b860ec5e5c962dc062ad80ccd76e1a57e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-120287 Malicious code in gita-gudeg38-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05c740e89879d0debf96cbce250f67891aaa12ce46980f38821ca2a28e91927b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in watery_wasp_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5079b65c908d35c01d77e6f2d4f02349ac881466bdc8cff941fb3a1272efbdf3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...