665 matches found
EUVD-2025-179461
Malicious code in css-minimizer-webpack-plugin-hermes-spectron-pavo npm...
MAL-2025-188685 Malicious code in phoenix-perseus-mocha-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ab6606c12f1d8a31b4ffa60bdd8a08643e40c577af49e628586123bd9d36ae0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187815 Malicious code in lint-staged-lint-staged-auth-terser-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03253bd76fedc24d55504b970d032ee47ad508a341ba8a5531490b0b9ae15ee3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188142 Malicious code in mui-norma-callisto-terser-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e50dd2b2d8d78ce8e36999c312857463758a39ad904e094dc54163e473bf5c54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186753 Malicious code in enif-terser-webpack-plugin-sass-loader-spectron-webdriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a30834a5fbe857adb14874de5f845460556c9a36ba75d7c2eee5f917aa980bd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187972 Malicious code in meissa-optimize-css-assets-webpack-plugin-express-lint-staged (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3eedff5af78c38d953cd8a24a97713690a208d01ffa5df7018314e5f3ba5667 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187372 Malicious code in html-webpack-plugin-atlas-global-lacerta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d76c400c13c978ef6cec8cf7e638527ede28cbd33c8bdda65e4c91e8e97c489e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188627 Malicious code in perseus-lyra-css-minimizer-webpack-plugin-loop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f7d3d9b81812427d006a9d83aedc8ab35ae99c772c8d05c7007ddb3d17c3f8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185824 Malicious code in biomimicry-epigenetics-rimraf-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b99d6b16ce5f9ad8a4b63643f29ff2a163289920ad64bab9677fc22fda67ddb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189875 Malicious code in terser-webpack-plugin-nestjs-umbriel-cluster (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce5383d1d73e04c37c0a2d6b250a999810d40f5479e51250c1e31ccd8bde1485 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186074 Malicious code in ceres-redis-umbra-terser-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c562522cf6b72f448c78de70d7ff9552bde4eb19fa9ebfb50cab599b1bf80c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189878 Malicious code in terser-webpack-plugin-spectron-webdriver-sirius-enceladus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d806205b74b56ad6447e53075cc4a8f467cf38ad549070b55924b5674f905531 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178548
Malicious code in hercules-css-minimizer-webpack-plugin-cz-conventional-changelog-dorado npm...
EUVD-2025-178745
Malicious code in gemini-gravity-xanadu-css-minimizer-webpack-plugin npm...
Malicious code in bunyan-redis-capella-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56b9ec0c5fa82205dee259b73ad694a1c72663bb5a0d4d0e23c5bbbfbe461f40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190289 Malicious code in webpack-exec-adonis-terser-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 857c1b3d5dd82954dd7c80c0e8fe57793032b251a6480c942c336ce83d6b774f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188465 Malicious code in orbit-html-webpack-plugin-xml-docusaurus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08fb8c907f7e235373242f869cd54f573229f75943e3b713df6ab822fa2142e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186406 Malicious code in csrf-bootes-html-webpack-plugin-ichnology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42e683c14d1e59c58cadcd514400f46ff49670101cb068cc2ecf1d95b413dcf9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177430
Malicious code in optimize-css-assets-webpack-plugin-terser-rollup-plugin-registry npm...
Malicious code in meteor-registry-html-webpack-plugin-gravity (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ffcb4c81fe48d0c658f380eebc91b6ea464b897f40f3f86ec2cb4a976f0646f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...