Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

We have repeatedly come across cases involving open source registries like npm and PyPI being flooded with thousands of packages in a short span of time. Typically, such surges in publishing activity are related to malware, dependency confusion PoCs, or just ...annoying SEO spam leveraging these registries.

It's not every day though that we see a virtually benign flood of packages that otherwise aren't conducting anything dangerous — well then, why the flood?

cases dependency dependency confusion featured flood malware malware prevention nexus firewall npm npm and pypi open source oss-security packages pocs publishing pypi reward seo seo spam sonatype repository firewall spam span tokens vulnerabilities