7 matches found
MAL-2025-188088 Malicious code in mocha-eventhoriz-wavefunction-redshift (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b8cd1e689ea6014f0053ba750d4bb5a9fa76248e369191d70c4f40b64ecc59b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-177201 Malicious code in poglymer-ogaguh-hgan (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a87c4ce2ea3b0747fca86eb651d7043643eca49a2a4290a0122cc3c795686e74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-158181 Malicious code in lintang-tea23 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 314480c59376f23c673a6e3ae7c7cdbe943f4263119a31f037853ac29194f7b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in level_lungfish_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b4760d132f58dbd232293331cb568aa8c67e1b02c8ba1614dd441e74ae0cb32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-89909 Malicious code in registered_mollusk_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff1a100240346e5fc96330833c66ce640d3ac526932368b0a698f5d27ffe799f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in coherent_grasshopper_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17f0b15dda889fc8d9263256681018e4ed65d7f52857e8c0706ad2d5c3f82329 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hadi-rojak15-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57b3e820dcad26a34ac1817f4ffbb89c8304877ea10f10b8d567242cfee00b23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...