MAL-2025-189083 Malicious code in rate-limiter-express-iota-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 220e622d69063b2b40c1d75c8eae318670c90278bb98cfed61a265a93595e3db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in samehada-fhzhs-r7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc4825f4098a35e733f3e3d1ff172e0cded812518249ef2d844a52b61ecc4e0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-168658 Malicious code in tealove-poke32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 260058e436f12fc2a570f02b810b9935bf43be41fe9c5effb147c6a795b2d8c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in auth0-cygnus-farout-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f358ba8f4b4d9e99efca5ba9615c7aca5971cc9cc415499a66f3b5529194551 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-132076 Malicious code in arif-asinan68-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4769a24bf3d7e762586357808173e0f672a91f392815cfc0483126c48eab0ccf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-128835 Malicious code in nana-mangga3-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b1b88477ab7199fbd34e536082cf919c98b106497a0911731ea1446e25d0d7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lagwxo-devapptea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e42a5b95b274c1746c7b5b503e4737ffe30350c5dee78967a8d72cec5cf3d55d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-99387 Malicious code in amateur_mastodon-apptea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d09e7ded86a584911b70461237ecce043f3ab8eba8f1dfe2ab5ac5f085c7dcd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-104456 Malicious code in iwan-lengko55-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfee9d76be59f9a7e34f7096cf520508ebbc9da5e209e5654754b18ae0e88efe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-81656 Malicious code in tiara-mieayam66-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98eef2c5b4d95f7d8b7d9d119f405ba3ebacfc3a31eab1f80dc166821603dfc6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...