503 matches found
MAL-2025-158828 Malicious code in lookingan-namalaka19 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34c994dabd5e0b779015394cacb62bd5fcc233eb6009c5522df7748b9f1ea062 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-162277 Malicious code in nokire-akaza62 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36d069e58365d411eece2e47acceddd1efd0f1f17fc97434579fe0573415b4a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-153683 Malicious code in billa-33 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e064ad7775f6eca2c5f2bc120d076c9b1b22e351a8b0aa44bbeb715db81c9a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-159238 Malicious code in makanabi-aibba-uf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f2eb1ae3f5c2c67911542bfe634a0a8c7828e6ff01d08c9189b296212a201b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-151217 Malicious code in abia-avugi-agni (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc7571c21562f5cae048373ce20dfd3abc7c8e082c75215c871a4758ff47f905 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-166633 Malicious code in syahmuda-poke35 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 716c2745b44e753d874ad0b497816f455a5b1a9df758009388cc989bb8bccbbd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-152124 Malicious code in aji-poke6 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcdec47942174cf618e9d97263be9af576d44a92c96a39fd0e21c7cfcc2dd184 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in deimos-hyperion-cressida-deimos (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd2d88789abfd0303fda40dc8d67147003b7134923bbaea1c25c73e6fa27a5b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nestjs-cressida-pegasus-toml (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9b69987b3b711712af2620dc816b97bc32e9d6c0e4bf7a77624e4b559718a31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cosmiconfig-prettier-stylelint-centaurus-antares (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b2b3af4f75fa5fb6640299c10d355b8a8184131a97251ab5b51ba36f1474cf2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ariel-ganymede-octans-postcss-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fec6e1b31aae085b602d14429f3b3df2a9d0004263e668bbc299a4e698d2144 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in global-nuxtjs-antares-koa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3fbe6a0139f93fe7eb3f20cb671d10dfb136b047d88376d204c1af7a02cdae1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in chai-virgo-spica-blaze (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c89f745f535148fb9dba116bf9fff2d297aea6b16488115eae1578780426684e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ceres-eridanus-eslint-config-triton (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de73cf1a1d051ede7b2b4b1f0b8b40817f132d64f0922bae18b2a83eed940264 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in commitizen-jekyll-antares-umbra (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbc26d4847edeaaac6173481b164fe0df5a90f1bb3a3ba1dda00ef38a4eaa118 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in commitlint-config-angular-cressida-nodejs-winston (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51233a99373fbba970ffb051b6d35dfb5c790bf689ce0c29ae1c2bb9f36c160c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dotenv-safe-elektra-build-octans (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ec8ece53180670f01716145c00b47d9987080d41885ae0c91d2bae340e797ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in gatsby-antares-metalsmith-eris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0608261a0fe9f89fd63b28a2f5ae4ea7d0bda75b02105c40feee677bf54f4ada This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in jekyll-elektra-vortex-dotenv-parse-variables (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88c959720c38f7a9ad315da296dda18f9ef35605b92b08d3fed920e1e332b18c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in koa-module-bootstrap-spica (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91a4cb222471bc51975749e78a4951f374ebdaaf33f053ab57fbcd73c4c00e15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...