MAL-2025-186810 Malicious code in eridanus-middleware-meissa-io (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39d8052daae1ed8ab3fc26fdaab3f01d80ab551e461e94217d3ab36440d1b583 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kapai-afama-agda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ab5d6c9fbb5ae3d306196ab9466c20f4146936eb55ab86df8a48422894099a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-152890 Malicious code in asd-nuttr-sssda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb46c94c2bafd5273e87086efe9d69ae6f031258319eb491675cd3ffee42338e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in electron-rigel-bootstrap-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f6bc5104c5c7e429d0d8c1f83f94dc9e0d96b43745df34a274ff9d81becdd72 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in riana-miebogor71-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac05118ae9b1c7251619f8d73ee2815f26214c03b6e12f2078a6063c83aa9596 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-137736 Malicious code in vera-semur4-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feeb023f51ff071f4eba171a313eda9ae92dd7bd049d585181340fff8d92bdbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-127849 Malicious code in joni-serimuka25-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b73c4057e4be9f6e8def9abf26c18d5db3e8d8f3d1938ce31a82ac71a3b9a2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in oktafian-gudeg84-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0499033207b14e6f078fe7e9f84ccdc41e0372a8324928850d65861f83d4e6f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-109695 Malicious code in tiara-wajit30-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 359f3b22bdc29acdfbd00ab155dab66320a62f8605437dd4484f2c2ce9e18f6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gita-keripik24-tititugel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16a33cbbb4d5f094bdaa1cb5a42da8de96fdd62d3a301fecae1b3b52c7030f26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in vina-kue92-apidev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08b1352fbe320d42edf9b9592b22f0e006dffe8221953862a418b9b85ed96c5d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fat-rose-parrotfish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89212a1c82e9410e0cfe3c3649f02f059d2628ace716b771bc7002b8ddd5191a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in minimum-sapphire-moth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb5622d9c6b8d9fd497209a31da78aff6efe7342273004d8616697762400679e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...