MAL-2025-186128 Malicious code in chariklo-library-public-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa536a5e403d931475f9787e1461256bb925caed3c743de48b475db4b9bb1938 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in radiant-on-oscillation-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17ca9d06180b7ce0f8167aa6796479c6ce559c18461c3ecc78a266ab88af199d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in prettier-plugin-markdown-mira-rollup-plugin-slides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c59df9e16b1d88777561b0576f22280225530cc5984f4353928fdfe3d86100d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-101502 Malicious code in dfgerc-devapptea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c650a09be866cbb516e8c5a8249ec18ee0ef2743e1a8c0022ab5a9c155547aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...