MAL-2025-157062 Malicious code in jelek-rasismem-batu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f551f4657cc92ddc37f8a1cc9c10eabd121b1f2db5e5432bcd0e41e61ae891f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-167255 Malicious code in teagood-nakama86 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e837e48a674c4c5f89b8e23d34a50944d48444037d0506d79e917912786449f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-150910 Malicious code in @miptaa02/relay (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 403dc22d786c497c651e2f6316f0bab2aedce156a3fc1b4b6c66bfbdd34bd04c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-150564 Malicious code in @miptaa02/dffdds (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2581abc6d7e4362982adfc288424576f7caa58d2ea6b9eeeb512126f9e9ca445 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-157736 Malicious code in kuinsu-lubuki-nasivanami (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fee39d20496f6ba83ab1b67cfff64f4bfd919642f65c4f784808f856c0a6a267 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-156199 Malicious code in ilal-poke91 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0629cebde072443ba1f443220dde9673b3150a80fe60f7daa4195ef71167501c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-155700 Malicious code in hariyono-92 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca2625beb1ce2ec71fc1ab89722988804827f1551f02eecf3d796e4a273d4a5b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-155165 Malicious code in fitra-poke7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b89eecf13ab5d092dbcc745833b75448abedbdbf2f367d37a5716d7b9cd4d13 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in layla-poke31 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55620720d9902586a364ec179c5890b350db7bfa639a4141deaf96f94f31fc0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-webpack-plugin-non-blocking-gemini-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c690b3a4a77471e0179fcf51a1162f00ed5621bc5863c4189f2d879b998ad165 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in event-nightwatch-stop-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 344a8f3d8e3297fc8cc6ab9afcbfb139ccb0c4598a5bb32b378d352d81064bb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in winston-yildun-less-loader-dactyl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a69a769cca21c2b2a2a822e2da066c9daed6de27648e615f57d6c614b2376b8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143130 Malicious code in halley-auth-vega-eslint-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9e198bf855eb0b039d2d08b024a85c30d227cbd2fc6698801a6f92c2a987080 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in acamar-toml-hexo-algol (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a88ed96a99d8123b50e2099b8f10b6996f7722a4b30d1a99d82db83713193881 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141914 Malicious code in electron-forever-cypress-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6bec960c5d2c7b30446df4bb08b2972ef4d36ff312d03c3c4bce4b033e08d25 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141452 Malicious code in dactyl-rate-limiter-janus-spica (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06fcdc160229f75ffd32cdde8f930e032a5f93e05005ed6ff121763b51a827da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148770 Malicious code in transform-norma-flare-carpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9685efa450029c0745cb676603c2b786a4e491760c5f9542c5107d9925439b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147234 Malicious code in release-it-release-it-semantic-ui-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7cd1c8bcdbc0ec6726484d622ff13395ffdefd0f82bf15de112474aae255b8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in init-writable-pino-semantic-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f50d36da15c6cb7b0847c738d99b99be6ee6f7075fc0743fe3b6719e1d23e8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chariklo-rimraf-markdown-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8188880b724dfab1146bffc49114e329ee0a92d4ae9911e590dec3f53e07ed7f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...