MAL-2025-165056 Malicious code in rival-poke70 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbf4d6afd10ba83c6d12da53c392749f43720b7fe157de74df7ec22ce8b472b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-160978 Malicious code in munya-dsasdd-munio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a065de667f6bbc2e7598f7aedfc8a8b098ccd7d77af609d444e1bd843696e0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-161241 Malicious code in nabila-poke42 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0469ecf0472465f2c8789b10dd1b9b5d00a0165ad425596dcfc2453b76eef8a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-152276 Malicious code in alfiansyah-poke64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1da38ed5d646fc4425a78549825b40bf8375fa0342a0052ec2bbe94c43a8770 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-163620 Malicious code in nokire-zenitsu32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7a9a7fe47fe1520754a5eca1a623ab97e6b8b1713d952884ceed03fb1be724b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-170307 Malicious code in verify-ain-ukas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector debb4ce171e9ff2a0fed8e72df999de7a42c2192905c7d056eb2ed0abf8f2576 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-167605 Malicious code in teagood-nalikoli5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0d6b3b46acf791c6e175392bd2d2af139b81cae03b7630bb1faf3a171a9cb77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-167089 Malicious code in teagood-manaki25 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99b78575a6678acc8e036cb5217e9b8027e0aabd796c5baffe071ac918e28edb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-155054 Malicious code in fauzi-30 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 323b9482823baa791498b54ee6ac34c1aae8a76d66a2056ff3db8a2b4ef7f6e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-156412 Malicious code in inal-poke27 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad669b6085a79e1ff2f9920d09cd7a0177fc3ce85c7f218ae13814f8e50a4848 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aldebaran-fetch-node-sass-koa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2879d3def66a72ef1d6909f23252125f3bc1b2ded6df7f86f4856c3ce31a567 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wolf-cross-env-markdown-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf92b6b8c6a2644f72700eeb3abdadd149b76826d296338e032bf88f95a1e0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wezen-airbnb-apollo-nuxtjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 497b37af348964b032eddc3ce59b194d73d50bcef3f435254bfc827f0218a106 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in antares-csrf-ignite-bunyan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acfd3b91a49b333d4e3b551e825ad73ebabb48af5696ee496404e652d6a1ee9d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in wezen-gridsome-odin-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19091a2914c2f8bd7d09ffb63692588d7e84837374a86370809181c64fa1a889 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in writable-umbriel-betelgeuse-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49aed667d56d8cc8885f4af0fcabcf078c4098c9b6ba017f25d958cddd56a802 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in supervisor-miranda-despina-supervisor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 419a8fbc6fc410da36fd23007851d4f52fe1bb11898f8c3f8cbacbc2e24103ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hugo-cassini-gulp-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d0cb35f2bb29d0c1fd0f9a34a1c8da3a37d641f3a35dd31b92417b2bb7f8b02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in antares-cache-andromeda-dotenv-parse-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a69f1e0e67e5d014f4810d287a413d9c3f360df647b2978a8a65cd71af5f0a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146425 Malicious code in postcss-xanadu-test-mira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 829bbcc100b6a0075043e2dbd7df90af59ab633374fca956c513e20a11fd2a34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...