740 matches found
MAL-2025-139577 Malicious code in arcturus-toml-carpo-postcss-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8147de9a6ba9892bbef8fb92f6494108d9eeabd8b916bf2676a4467a322ec14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146397 Malicious code in postcss-loader-halley-middleware-xanadu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3076fe57c760cf3d4422180906de48b72abea4f1b53c7e7e850d04ae24e820db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142911 Malicious code in gemini-postcss-loader-quantum-resolvers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 025ab4f53ac3540ff0cd2eb7fbe2d4c11d635f63020d4195a445991a4c7d4566 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146409 Malicious code in postcss-loader-semantic-release-slides-buffer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 717f95fa76f8eeced6870b8c5dfccbaf84f939725805d64b82d2113facf15754 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146427 Malicious code in postcss-yaml-lynx-build (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7991fb1fffadbc9283f03779f51fa19d71c12c033f9ba3a11c26f4941dcd670 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-121446
Malicious code in taurus-uninstall-commitizen-postcss-loader npm...
EUVD-2025-123509
Malicious code in postcss-loader-telesto-vulcan-phenomic npm...
EUVD-2025-113467
Malicious code in fornax-postcss-loader-umbra-webdriver-manager npm...
EUVD-2025-121894
Malicious code in soap-postcss-kaus-concurrently npm...
EUVD-2025-113911
Malicious code in eslint-config-galaxy-postcss-loader-meissa npm...
EUVD-2025-123512
Malicious code in postcss-loader-semantic-release-slides-buffer npm...
Malicious code in postcss-postcss-package-impulse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 808dfa2a9e301a31de471bb99a322bb7a4f31937ab1e579f9a02a33d25e30287 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in postcss-magellan-ursa-zenobia (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fce8458ed2741ec54d9c40e4518395ab915bd46356a551b9e18b8511ef6e3f8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in postcss-neptune-ursa-nextjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cb77aec177aa08941fff2e38a90f659895d77f4a2d68453f8a9c1bf244d1376 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in postcss-loader-fork-levels-venus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6eeb87c440bcb3eff380092f73c31bd01232d896ff500023793df85c072d0644 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-123118
Malicious code in publish-postcss-blaze-buffer npm...
Malicious code in postcss-google-prompts-commitizen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68e3cebc126d02237fd746fc3461146e32650856c04c1abdad20a0015402fb7d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in arcturus-toml-carpo-postcss-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8147de9a6ba9892bbef8fb92f6494108d9eeabd8b916bf2676a4467a322ec14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in atlas-neptune-postcss-private (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3642a23ed879e58d8e6a28ce1fe2b4842279d353ee9f22be6c766e7a10de4b67 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ursa-rocket-postcss-janus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37cae97ac55a7b319cca4e3372d42af7f11f5411dab6a8c8a51d5898dec63432 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...