745 matches found
EUVD-2025-120226
Malicious code in xerxes-foundation-postcss-loader-aquarius npm...
EUVD-2025-123497
Malicious code in postcss-vuepress-nestjs-init npm...
EUVD-2025-123509
Malicious code in postcss-loader-telesto-vulcan-phenomic npm...
EUVD-2025-121894
Malicious code in soap-postcss-kaus-concurrently npm...
Malicious code in capella-got-norma-postcss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 378a90563bb59c066009d1f716b8397f7a9794d238c740fa8209ae523f935e56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in postcss-yaml-lynx-build (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7991fb1fffadbc9283f03779f51fa19d71c12c033f9ba3a11c26f4941dcd670 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-116062
Malicious code in blitz-cressida-cross-env-postcss npm...
EUVD-2025-123661
Malicious code in pipe-cygnus-telesto-postcss npm...
Malicious code in sagitta-zephyr-andromeda-postcss-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61a5b1bfa53ba310f253f18851fdadd7844eb8de63467a2bfbabce2ddef447a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in postcss-cz-conventional-changelog-nova-element-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43a47ad08ff76838aba861fc6bd56d941e16c5920f34a1d97c32b77c103ee738 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-114816
Malicious code in csrf-postcss-dependencies-upgrade npm...
EUVD-2025-112226
Malicious code in javascript-postcss-loader-fornax-ariel npm...
EUVD-2025-122863
Malicious code in react-bootstrap-europa-postcss-polaris npm...
EUVD-2025-123511
Malicious code in postcss-loader-slidev-gulp-bellatrix npm...
MAL-2025-146404 Malicious code in postcss-loader-oauth-chai-miranda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c48c54ba2e46e0cf1db9575bf6d04ad71d5e2ff725f1353c8b6b9d03cdf82fcc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142911 Malicious code in gemini-postcss-loader-quantum-resolvers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 025ab4f53ac3540ff0cd2eb7fbe2d4c11d635f63020d4195a445991a4c7d4566 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143999 Malicious code in jsonp-jwt-avior-postcss-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d24d5177d5a69fe4e89ff96082eb699b3dc32aef498477c15da8c7939e6d4938 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147633 Malicious code in sagitta-zephyr-andromeda-postcss-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61a5b1bfa53ba310f253f18851fdadd7844eb8de63467a2bfbabce2ddef447a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146423 Malicious code in postcss-start-hapi-hexo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcf0d50e2bd565e4ec443a3833a88464d43936318833ccf7ee79429465a63bc8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147530 Malicious code in rollup-postcss-loader-xanadu-relay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f558dd12ed39569dd372e118be9afd8a3636ac8fdaff883749c0113325e68b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...