MAL-2025-185586 Malicious code in astro-ignite-scripts-pulsar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bba3a708c5a453f96034e7c4d3cf4270b696d5f709ddbdde132492bc811cfcc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185050 Malicious code in sonic-kots-fudvtiyaja (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71601d3122558bb98453314f1001eb7ea7aa2b5dd6276e67cfe5171a9d6bd9d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-177650 Malicious code in polymer-afajf-rofifdsafafa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01fd4f9ea7fe0b155a175ee4acce1dc2607b8dcd9ce2d46c3b41ed87f970d37f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-172010 Malicious code in yashikananda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e3dc730040b9401c936c631194be87feebcea952c2564675df19123a180803c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kamasada-nutsai-aaffa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f703a9c6b1dc78c242fd674728605b5d0aa39a8304588eb41d259c68f836fc4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nabuf-otomabin-nojaugdsgu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b23e3f9a2d835907d2b558ef8afe977aa4f19b0eb43eac326dfb865c57b676b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in pilka-kama-bicuibai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a08e2890c042063512e538fba6e60bae9f2922178e2e8048b86a0cc2d9eecc29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tealove-okta24 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51b1817122b987bbc1dc11a30c3e611b4a1a1e7c5a4e26f98d59bff713e96e79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-165618 Malicious code in saku-aiaku-unusiakau (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3e33471080bed336abf474653af974b464fdec04c2fe79ff00018adc6763970 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-162985 Malicious code in nokire-nakala32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d45efbf7f325c41d25794872b80035626ddb7d5e3a41363b143297b30204f57f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-167985 Malicious code in teagood-yakuza28 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b792b45f241f05fcf21aa5dc856c8deb1a98a91d5b49eb9cd6b12002ab3b9753 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-150713 Malicious code in @miptaa02/iadf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ddbcedcdabe331ff3f8d71a054722689d8a23f6ba7410f3a4c8d5399f675f50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-165249 Malicious code in ruji-24 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0b2a143ecc2b027113c1a90e363f3236bc6448209ae08dde7ac4a953fb7b2c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in auth-radiant-kastra-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7da4a931fc7d11a9f6c84c5f2225ad0970d868b34bbe685c179c1601b593551 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147308 Malicious code in request-remark-sadr-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55198b1951195c04b8787ba7ffbd4ae734f7ff221bcd530b6abd49b8e709a72b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143817 Malicious code in janus-meissa-async-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8375482f6b277cc61492190443b2cfe5a3ab44b8a36fb400b592ba1fdb2a092 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147961 Malicious code in sirius-loop-axios-hydra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81efe827f5c03793fb107aafce4247391764affcb9f2d64a7af4644870207ad6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144848 Malicious code in mensa-enif-magellan-umbriel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b533e0ae285e04abc18553b4bf644ea798de190bdc453f5ebba48f4bab21c97e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145789 Malicious code in odin-auth0-spica-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33e2a02b14f805250844e02207a8da2c9897a344b77ef90b326bf6fc029b0590 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in naval-fuchsia-bovid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47c4c071c371c34553e0d0b2ad0d210aa8ce7964a9ce805eb2d9bcee72a40ac5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...