6 matches found
MAL-2025-188990 Malicious code in pyxis-hercules-scripts-request (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6a81f666995ddc6c6187d95530b91ea605e66fd4709f426879c3d30977691f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in prayoga-poke39 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62511b0d48a26de2fe6de5cbf541d8607c04e63b3aa7afabb41e02b2d98e21a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147070 Malicious code in react-bootstrap-perseus-loop-octans (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61172e3c6854cb76a038cf824b66df090e14de7ea249bac4f0599eb783a7758e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in yanti-rangi55-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab09143a93e1d06ae483b72b5f11e68a93f33603818cb9fa8538a875721a4327 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-135028 Malicious code in kurniawan-ronde74-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c21d9e4025447dcf5397d843a77d7dd24fedd9e363e952fb5a479862839fa4a6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in indah-botok69-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b54a3fd62e0c561efcfd1a40515e945bedd3faf8ed9238ca647caca2b002a6e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...