MAL-2025-187316 Malicious code in helios-epigenetics-asteroid-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6377e2b79f3c071d80e2ff88f6a1bc2642ed48e5cb294511d71816003bdd01b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-172841 Malicious code in anak-jalanan-mdn31 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb21de63bd019826c60724a46b9daeebd05795fd704ef579ef06199fdd79ee1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-167145 Malicious code in teagood-manaki77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ee1a6bdbcdf84af057274809da2fdffae6c59fac85f13d9c9f414d2b48537b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146699 Malicious code in protractor-sass-loader-test-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82ccab95f5e2ce85e46de051c78ad013ca2e19a9d5a01a4ee0a843f29e4cc47d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ignite-izar-hyperion-gatsby (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0894c7a3eb9e5f3c158e630bc71fbdb660de946d7d0a92955c82af30adb08ed4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-134397 Malicious code in irma-gulai16-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64947660567f3958162856f32952dcd2a63f271d7f82eb0f72527b799a41eb65 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ida-brongkos40-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e348e67d8624629d6c071e31a41ecc77d5a50e4a699d1fa502f301b339a7926d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in worthy_quokka_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e73f8a06c8fb1120eb2d86a7768bbb06d90dac1c6fb0a799014d915f412eb87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112904 Malicious code in bizarre_aphid_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f09ec872c1be666baaa30be0bc0de55a2f688a4b5ab4b8839f6e9bf82332918 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-109967 Malicious code in ultimate_guppy_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95531e0193dfdd8ccad4a47036fb1d0ea16b3fe6459502f44e1d7f4d8b09d062 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...