6 matches found
MAL-2025-183997 Malicious code in mitok-doni-olodagivl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40daf3cb74df623df19cafda754a1a92395158b6665fc72992053de3358bf36e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142673 Malicious code in foundation-sync-jwt-dependencies (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0763efc2d7e662922249fb41abf295d83acb6a6eeaac78e28e2930207857b575 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-111721 Malicious code in chronic_koi_lavender-3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6babac4db933f86c80f65fc6738edc75578dad9b1f32c6a6a37fc3a0478fd570 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-93923 Malicious code in deaf_canid_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 692500edd9f67498e00b623f08fc8db49d1c118eea503c8c1391d4587a8f923f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-81135 Malicious code in rising_skunk_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7214d4a7ce2ac845f1c0b816978cf1a65f7e698c49ba92529c4c5ba626177976 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in reasonable-amber-sole (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b42699aa96c8bd124674e7f5e301b89b22da8a17b151b4f3be42f89b526a2ea3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...