52 matches found
MAL-2025-186278 Malicious code in config-ophiuchus-levels-version (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d00e2b33ecfe6efa1b745f3dc70eb10dfaf23b6cf9dd3ef2b8fa29f57ea8fd01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sirius-stop-umbra-spawn (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e55a14a033b2c4791dbf3754b9d92b6fe7fba60595a0c5234a281f5b9d0c6b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186375 Malicious code in cron-rho-analyze-socket-air (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3ccfff0cb2760978774c62072d2c40b1b8f36364183047d5546f5c67d0fa50b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in delphinus-miranda-postcss-loader-chariklo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd0bdf76910544de6f7f52a3893e80a33923959859d77b7bb710fdc4a41378e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187133 Malicious code in gemini-csv-cryonics-castor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a57321bc7da3ae1f7471aa4b2daac2201509cd922f65a18ef0992a031b983c12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189201 Malicious code in resolvers-query-comet-radiant (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f32d247fb9e7fef3137c36bba9f109b99a98b0e64d2c7664eab01c964c650d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in modiov-kin-afbaufcaducxacags (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eea7649776ab28ab7763b91a79915c95bd48417403ffcf0dfb410edeea328d05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-179640 Malicious code in kisut-afncg-avaff (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f0c04531f02e82b4ae9717dde435d7fde50b3fa2cfc0bcff47e3da48efebfa4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nokire-nakaocil16 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0489ed55f020f2651b0de98efbb0146ecb8b3b7fcdfd6e4e8c2bf0061fec6b7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ksai-ka-ahakaij (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb6caa785868b8b7470740e14293e39018240880d1932ba0875360e0ccbb4eb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in buis-sunina-muabn (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9627f04b08e21173399f5083673d821330fb2759fd5d55c254f32bd5e9a69d51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-168713 Malicious code in tealove-reborn37 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a3e645da9eea3ea7e7c7d10b2003e951e80100c25d9d5c2008614c12170fd63 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-165028 Malicious code in rival-poke45 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6689399b0d8a962300eb6924306e8bc0996c4d21d8bce88112c91f38c5c2f72 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in carpo-init-stop-terser (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5641579cbb1411c260c4a54abdf90d3def958523a27947118360caa005c2f5dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140825 Malicious code in cluster-elara-eclipse-betelgeuse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 048347085c1a35d570cef25eada38c7e80fdabf3e21687fae65165bcf3933e45 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eslint-plugin-dynamo-axios-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 609bae32965b6115352a6c6f0a2e3f26630ab7c7a85532b8c34e12ada679b9bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sedna-start-semantic-ui-yildun (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ca2e2719f9edd696a7a5d29b1c059a7717eae9f96696261990915eb6e34e7cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143659 Malicious code in inquirer-remark-upgrade-run-script (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d8f4bdb1f8f040e33ec40f663df8fe7c86704238205484e4164f4e960b24070 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148187 Malicious code in spinner-castor-commitizen-dependencies (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3d63d7d06b5a118a91516b5a41f47e4a941c8c4b433eab51718c01dda4b1f95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147793 Malicious code in sedna-sequelize-less-loader-rollup-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c21acb639bbf2efdb260ea223c2b12d93b35a5e8077ec424222d65f38559509f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...