7 matches found
MAL-2025-184718 Malicious code in oloc-uyg-uhai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5bcb456768dbb8142c30a0597bc579807b2894fa19af4ad5e14d725a0033a89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in aurora-tailwindcss-nodejs-lynx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e29f2c221f11923d5f6b23ee57f3071b738e1689f470d3de977ae6470d6b4c9d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-127684 Malicious code in joko-gorengan46-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffc4e5965adbca911f04f06d613485adc1043b7fbceda55a8dba6fa8b85acbc3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-108537 Malicious code in sensible_wolf-appteadev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36fba9d4ca2d6d39597eaf24979883eb5cbb2ef22e518e8d074932022ead4f2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-103493 Malicious code in hadianto-kue92-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4803d1d938aba5cb876be1b8c970e5f55f9e3bec2209c256c878fc6ccb8a4e36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fundamental_magpie_requirement (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca1cdae7529cbbebdedfd21006105d04c6da7f2baedcc23098f9fe32efb2f297 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tiara-papeda90-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbe7f85e0e95857ff510317ac87665e8b2314173715a5d089cb92c3424481696 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...