MAL-2025-163506 Malicious code in nokire-zabuza19 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db2896b70e1e6ce9804a65d636aa313f279e1f17cbd6429e9634d9da56ccbed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-166517 Malicious code in syahlan-poke2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bac1abb6966150a185966315e4a611dcc084a0e3a76a41dc40d9097ccf5b2c7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-155199 Malicious code in fitrok-poke32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53e2935152789a2221d7a6e006fbbe00509d62768b9fd68d50f9a96904d8e358 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-154939 Malicious code in fadila-poke62 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e769815889f68c618f6a24f91ec402b2447fa0ef3ae86522b4d7c8142c633a08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-164885 Malicious code in rita-16 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7c5be0d08d094c9c6ff4a544c74bdef4b9fe792fa0b541d0508612b5694c456 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in configstore-semantic-ui-iota-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 522661629c144c726922f88e7442ab71fcbffc91daa5a123695bf5248c25ebed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fetch-betelgeuse-schema-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 670781bb419cc79d768c880aa8e00d75fa01c072444a62cd33ffcc1cadb81d9d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nextjs-hermes-sails-acamar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09e952a6363545cacdbdab17a2bb4c64c953fc7a1614b65c9e1e5a18582cf3b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146990 Malicious code in quito-betelgeuse-ursa-element-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d12f9bb05b4af8c30ac4689719f757f75fa39a781e52d2bb98ad133ace0e3af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145510 Malicious code in node-config-janus-version-sqlite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdc67c80e5df563491bd375f003828d53887a6ee439f343703f9a1e3353db3dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139428 Malicious code in antares-pavo-sagitta-hexo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2eb91c966e9c686f36a11e9fc5d3120d55ab7e432bfe20b1f89bf8a88a5c7fba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140566 Malicious code in ceres-geckodriver-hercules-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cb881aa6de9f82d8b55c5c71440a1ab89edcf769011da63aebdbb2264e40ffd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in centaurus-update-xanadu-less (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3c033a41027d427a96352e53d7de60a8b3dc1841af564c6b29083ee2632cf4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nightwatch-ophiuchus-html-webpack-plugin-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector afd914900fc67827f00e07c2f5c5fcde3d709bb90a7146f51700c73d01e22125 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145166 Malicious code in mongoose-ursa-csrf-pino-pretty (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff09a0e2775c3f104292df18673f57ff3a4052c29debe9466012a0994d4cbbc8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147295 Malicious code in request-hyperion-gridsome-unuk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7865deb1459e7037f7abb2849c9868bff4ee00079f4c78d1fe2341bb6e0fb540 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144522 Malicious code in loglevel-testcafe-kinetic-testcafe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b35b09e0a0d18b36c54fbc73754302779000e4a4c2f94804e5e040b67669a2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146826 Malicious code in pulsar-astro-backend-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d277a175b4a65c1eeea5e6256ad1133633eeda9595eba61ab39084720699e6c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nuxtjs-typeorm-odin-gulp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feb79bf491c21dcb65a74826c3c2b5bd591827c065190deef19b049a44d0eb89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in antares-child-process-algol-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee989f66e1b782655eea49ace8d232ca5718d86a06908628e76997e997f869f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...