MAL-2025-135489 Malicious code in marked_fish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f2b9aca04a985603041d8e165d3cc904509fc51511b9ef52d0be63b9c059bff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-133578 Malicious code in foolish_tarsier_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 541b17659fe576eec62577335d62437af8fff99deb804ba5da761d14aa3785bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-122427 Malicious code in outer_eagle_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b459e2921e585679d9e8ca488246377dc4986bc4513dbb4e8d1ae5655433e6ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-117766 Malicious code in valuable_swordfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4629ac859721dce4c5d3d5024fc4118ed188c148196fbcc344cfbaebd4910e95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in worthy_crane-notthedev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ff8225650fa8611e9ac6fd5a71f7a095d9251708af94dea79bf9e68b730faf5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-99604 Malicious code in armed_ocelot_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a5bc01de0ebc3170d53c490bfa795e82ff73bb7cf8ad08617092368fd19019b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-100126 Malicious code in broad_warbler_dumbs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b8dafab7ac587d14c0bded87f0ae8c5b54c874875a00957a068b0e826fd957c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-96609 Malicious code in skinny_primate_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8977027495448f88515fc5b188f32a6d66baddf2bf144c321c08cf374973ac78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dizzy_worm_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9538e2c2471f4e3c60479f8642d203cbaafecd391941d96b3a3801cf7bcd6df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in melted_crayfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f812385a5bfb3a44ea4cad1472b49c1c52915173720f7f8d5c37883048737b26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-66187 Malicious code in widespread_gull_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b02ccce9de3013bc8a8ef5a9ed9e14ef3eb92e18cb61d5e7decaa0c14d1677f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-60663 Malicious code in inclined_sparrow_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dd6e36cc41b59045087b1c48b2383849cc06591e20ddd50e276213b9de1c3b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...