MAL-2025-183601 Malicious code in lomi-ifus-ugofaliuafu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e49351929bc0abd492df0ebdb9ee16dde5d3b752f4db0c65a89a129612179055 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-173257 Malicious code in buis-sunia-nudanif (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b4c4547b5c0e03a80dd581fa0cf1c2ff5690339d3fa043140e73bc26a41e441 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in poglymer-ogaih-afgagi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1637202adfcc19982900f3392cb3e30f8d16523f585da41a0a67567e2330b93d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-155502 Malicious code in gurs-abgtdya (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2be92b0901677b9f8c5a64a5bce0308cc80980c88c8f1b5fdf9578893633540a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in repository-dotenv-safe-xanthus-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57975ca82a0703ba75f441ffa6b0399f3aa145383caba60cdab563bbf3341e34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139708 Malicious code in aurora-publish-markdown-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a6c37dc5bc5d8fcb554dbf6f064affdc92e9b34a5aeca6ceebbeee20d52be0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in advanced_vicuna_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 073edeff916e5df99fe8257f55914c7d2b1643763b9e5d9aca9e24c8197db460 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-117297 Malicious code in surya-rawon21-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12e85d04f06595cba154eb27edd269c9017271a23090775bbaa07fa5f4b07d03 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-104372 Malicious code in involved_jaguar_0xrequest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb19b81f52ef9455f4dc8d9170a49ea9dc571bd8d08f1b5b4b2ce4aa691aa521 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-86833 Malicious code in irma-teh53-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 907ce915bb4ac8b7f8cbf1ce896b4d4796e91001e517e47b395aa116b23b5774 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-77532 Malicious code in dewanto-takokak82-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5d9d3287f8822eb0928b6f94121ea3a25344186f4dc325c13eff58a52f5eaab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-72461 Malicious code in dewanto-sate48-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60ed8bb4ea57dfd3e36e73138388d1f8330a46d8fd229347beea2458480325ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fresh_yak_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b41681daa6a9bede3d95df4f8b4ea2bd34a557d8c87afa1133a81195896e773 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-53444 Malicious code in nadia-toge2-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53e9ee82895214e23f57b0a923c42310e027c2c9e4dad996b327d04c054c8a34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...