EUVD-2025-121380

Malicious code in terser-webpack-plugin-eslint-config-nightmare-native npm...

EUVD-2025-124764

Malicious code in mongoose-html-webpack-plugin-leda-semantic-ui npm...

EUVD-2025-114847

Malicious code in cross-env-optimize-css-assets-webpack-plugin-dependencies-nightwatch npm...

Malicious code in terser-webpack-plugin-dotenv-safe-bulma-foundation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 393c86a40c20147d13ec71247ee073c845eddb0438bcca90cd59b24989b70662 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124331

Malicious code in nodemon-optimize-css-assets-webpack-plugin-epimetheus-changelog npm...

Malicious code in ophiuchus-loop-yaml-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d632874fbec3cd15f7617090139bd5b08fba0e32ae4c061de45fdb9738e80ab3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-webpack-plugin-canopus-antd-hyperion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 250032ab90b99c65c7a7cdc094d0ebde80678057059d92eb65925a01753e7d44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-blaze-pegasus-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67accb2c721894c9cc3ddef7520ceaba03aee1c6a0dd89bb3715b8912e8f2601 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124063

Malicious code in optimize-css-assets-webpack-plugin-cli-gatsby-aether npm...

EUVD-2025-121109

Malicious code in triton-html-webpack-plugin-semantic-ui-cygnus npm...

EUVD-2025-116854

Malicious code in airbnb-antares-terser-webpack-plugin-oauth npm...

EUVD-2025-121980

Malicious code in sirius-css-minimizer-webpack-plugin-gulp-apex npm...

EUVD-2025-121586

Malicious code in style-loader-resolvers-alphard-css-minimizer-webpack-plugin npm...

MAL-2025-144930 Malicious code in meteor-registry-html-webpack-plugin-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ffcb4c81fe48d0c658f380eebc91b6ea464b897f40f3f86ec2cb4a976f0646f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-122694

Malicious code in release-it-node-sass-browserify-css-minimizer-webpack-plugin npm...

EUVD-2025-123861

Malicious code in pegasus-terser-webpack-plugin-less-loader-atlas npm...

EUVD-2025-121373

Malicious code in terser-webpack-plugin-materialize-hugo-neptune npm...

EUVD-2025-111210

Malicious code in meteor-corvus-heka-terser-webpack-plugin npm...

EUVD-2025-123530

Malicious code in postcss-loader-css-minimizer-webpack-plugin-achernar-barnard npm...

EUVD-2025-114692

Malicious code in cz-conventional-changelog-dotenv-parse-variables-optimize-css-assets-webpack-plugin-elektra npm...