MAL-2025-186373 Malicious code in cron-kappa-bash-serialize-beta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53deafc5f542e358e2be400b3647937108a888871b1dd73316f4f4157605370b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in zul-nasipecel69-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36c7447e5a8c2824410d07c6034c7710516b1736c12170a2f6adca7ebae16068 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-126891 Malicious code in gita-rawon22-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38f236c1ed1cb6b3afe3bbf215f6e35af1d4bffe57fee6f35b914701f594c011 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-66643 Malicious code in additional-orange-sole (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a20412ac8b48c05ef485d7d12ee5e870cedced47b4e14a6f36aa0b48210eb3a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in welcome_roadrunner_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae74aa5c5696ebcdb05b64375037f29c18b13c965d917e92ae4e8126e876981c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...