Malicious code in xerxes-weywot-eris-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 009132446e6de1cf47b905af2f0ffc0bcef9821a4af74b0725341515abc2680d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in element-ui-postcss-less-elara (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c11f7dcb4ad8d3d253c970e41541c585fb88085c98c421b82c65f7f0453e9fed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in blitz-nodejs-postcss-umbra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45892fb45c9f93ca8fd5b90a65388042f2205a48413aa509a34733d2c1d972cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124257

Malicious code in nova-postcss-loader-nuxtjs-duplex npm...

EUVD-2025-115686

Malicious code in carina-postcss-auriga-less npm...

Malicious code in cassini-barnard-postcss-odin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14fc0eae501a3f44188f97c182da0c64a77f5f9ad59719e31d2d186c2364e9aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124598

Malicious code in nconf-nodemon-start-postcss npm...

EUVD-2025-111373

Malicious code in materialize-farout-postcss-loader-umbra npm...

EUVD-2025-120740

Malicious code in vortex-postcss-loader-auriga-webpack npm...

EUVD-2025-112181

Malicious code in jest-rigel-postcss-loader-sqlite npm...

EUVD-2025-115582

Malicious code in centauri-configstore-postcss-mutation npm...

MAL-2025-146390 Malicious code in postcss-loader-commitizen-foundation-xenos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3544c8a28f043aa9e67e4ced4509db2908ad6675975cdeb4198f6d034572831a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146418 Malicious code in postcss-postcss-package-impulse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 808dfa2a9e301a31de471bb99a322bb7a4f31937ab1e579f9a02a33d25e30287 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144750 Malicious code in materialize-postcss-triton-dagda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e806cad24fc90b3611ebe78f4acf26d974be1fca9b6f1a37555a0267101d4ea9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147756 Malicious code in sedna-carpo-command-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38a24b4b00f49c87b40537793e078710621ed57e859a9a24b4c06e73f4a01690 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148012 Malicious code in slidev-postcss-loader-non-blocking-dagda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 908ac57851e5eb2a493ddb3438f9e04e69b5b2d95cb824b69490b1cbee3ddba3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144649 Malicious code in magellan-middleware-protractor-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 930bcf903d4874e22b6b79a00b1cc2c3a1fbb30b21d8d457777e38c1fb17f539 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-loader-slidev-gulp-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5862d33be04bc9356770af83130173cb0e8ea065555eca3cac16d8de2bd2a5f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148823 Malicious code in triton-phoebe-lint-staged-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da62219aeb9b6a9e0c008d8ad616786c15270b713723595780d92d8f0cbd2ecd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141770 Malicious code in dotenv-safe-postcss-loader-taurus-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 311fa8407e3f0b9e342b94b70bbf8b4f70cfd62a93df0c308b3f4b6bc8829b91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...