MAL-2025-188709 Malicious code in pino-pretty-technosignature-biomimicry-wezen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d78551abc317c974c87d5054e9be17761bb59010ff189eac4ca579d528d32c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in convict-miranda-deimos-astrochemistry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04db394617dbdeb6aa28e0264b9f8042468ed940bafb4b05d874fdda03d6aa6c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gulp-rollup-plugin-carina-csv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68bf9fcb09e12feb0d27fb4d36e938ec6bb40361ec9a2ab7c9eafbc28e56ebb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nodemon-heka-wezen-meissa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c295e465036b78eff0cd11ff9a8e7e1894c08d139ec57d8043ea93e45a02fdfe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in vega-toml-hexo-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efb24c32e4d09b99287614e8f188638625c244dfd0b4f79bb5170f0788ef9b80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189663 Malicious code in static-transpile-sanitize-emulate-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24c91550d3bffecc316a3775d065e70b04e9da99f4f3aecc527ac3a8305f1d63 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188395 Malicious code in odin-babel-ignite-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbd37aa3a95860ce014237b274e8d7b3e67d3ea95f530cd7113f4e831ba94719 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188695 Malicious code in pi-emulate-lambda-alert-sandbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 236bb810d2fe074699de9d6eaf3ef0198b4b49689dc232910649ad3d8f66b4b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187114 Malicious code in ganymede-tethys-jwt-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 404215b9a56b2a2fb508a19ae3dd7a8e028cd7ee171394ea28d87123eb72e07b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in flights-ilutg-iduliabisa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38e467bbb3940a4f0095ebf0cabdd21f5d09d813a102a69c8352fa087efc2158 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in flights-lutag-obolavu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f95ba5fb1f54b53562e7326582fc300e2d30b2b9737acb5e8aa32a73b2d82869 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in flights-lutuig-alakanji (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9172543fbdc502597d46b61b674fbb86b1de4edd94b3d6cab270ac2b7da4b9f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in flights-tuig-alakanjitw (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08d7f97074b17d7e43a3a09076231c1b7fd094cf18cad5ca2cb6ce1204b16abc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hitale-irher-aeswasdweaddeassaedeaefedeadedefredafafaadde (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60204f96f22f6598891bdd615d6d258a4d6e6e06b1e11b4ddea55d6e7add369a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in imodiov-omfi-cafacevavisvoetfa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89c8cde0f7fd584f855345232e8dcb9b931a46bbaf8c34d1408dd39a54ad49c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in imugay-avig-ij (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86d2aba984ce2de5b47a7ae076e2b1602871fa09e630e2bd77df44d92121c26b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in imugiay-avg-dudgai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 984ce534f4df71228b14af319ed28ae24d960909acb69427fe554f0096d17c8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in inda-fodija-gifaiga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77aba48c4653b10127992b6ea4a0159943cf54bb7addb94cbfb76fc8cd5fcc0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in inda-foi-gisagaan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c539db5704ef8e7763693bacc0563aa4e62a9f9aa4680934af0133690980a31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in modasiv-kulvu-baiucaufaibfuav (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10ab12fb8eff29e01419eac996d9d1cb13c9305c3d5b51a1adef004cda6cef97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...