EUVD-2025-178405

Malicious code in init-optimize-css-assets-webpack-plugin-nodejs-grus npm...

MAL-2025-188142 Malicious code in mui-norma-callisto-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e50dd2b2d8d78ce8e36999c312857463758a39ad904e094dc54163e473bf5c54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187374 Malicious code in html-webpack-plugin-hologram-stream-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07f786614246d2d9d6432c8d36c1015a7c75b9a2b3c99baa78f244a48ad6eb9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179457

Malicious code in css-minimizer-webpack-plugin-virtualreality-ignite-node-sass npm...

MAL-2025-187378 Malicious code in html-webpack-plugin-vega-atlas-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72fd14fbfa7df3518df196ac7331d4c07644a19e457f73f31be91ee9ab01ce42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187972 Malicious code in meissa-optimize-css-assets-webpack-plugin-express-lint-staged (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3eedff5af78c38d953cd8a24a97713690a208d01ffa5df7018314e5f3ba5667 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188917 Malicious code in proxima-ophiuchus-geckodriver-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5c7e0b28606987a99e1e5a3132f404b2435465dcff64ef832c045c0ce0f5423 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177098

Malicious code in postcss-html-webpack-plugin-enif-ultra npm...

EUVD-2025-178416

Malicious code in inflation-technocracy-css-minimizer-webpack-plugin-await npm...

EUVD-2025-180295

Malicious code in astrobiology-sedna-archaeogenetics-css-minimizer-webpack-plugin npm...

EUVD-2025-180273

Malicious code in async-css-minimizer-webpack-plugin-heka-redgiant npm...

EUVD-2025-177301

Malicious code in passport-selenium-terser-webpack-plugin-juno npm...

EUVD-2025-177910

Malicious code in meissa-optimize-css-assets-webpack-plugin-express-lint-staged npm...

Malicious code in optimize-css-assets-webpack-plugin-style-loader-bellatrix-prettier-stylelint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abc399df1baa583fe9c5b3c3d19473cebd1498ab6c0de46cdc1ef484368df6c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175923

Malicious code in toml-terser-webpack-plugin-process-prompts npm...

EUVD-2025-178503

Malicious code in html-webpack-plugin-version-vulcan-rollup npm...

EUVD-2025-175587

Malicious code in webpack-exec-adonis-terser-webpack-plugin npm...

MAL-2025-187030 Malicious code in fornax-janus-fusion-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b0fb880a3bfb6b4d32d650b9778f2bab22b66cda0b72f0639a80bccf3fcd8cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189875 Malicious code in terser-webpack-plugin-nestjs-umbriel-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce5383d1d73e04c37c0a2d6b250a999810d40f5479e51250c1e31ccd8bde1485 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188465 Malicious code in orbit-html-webpack-plugin-xml-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08fb8c907f7e235373242f869cd54f573229f75943e3b713df6ab822fa2142e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...