Malicious code in bunyan-redis-capella-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56b9ec0c5fa82205dee259b73ad694a1c72663bb5a0d4d0e23c5bbbfbe461f40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dagda-non-blocking-html-webpack-plugin-astrophysics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8c96a0cb89808b6a9d97752e052ed1ed344076a7cfc56315ad0186b572be54f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in development-postcss-loader-webpack-cosmicweb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdc7d279a0f29b5bca794be3e6921a4e2c28a76db57e85d79fa4f0cca9313cb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eris-slidev-iota-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df597c8562db9900df55e7a3e8d03179009373f184183e35c90f96a6edfe0739 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in fork-webpack-kastra-chai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faa08ae10f43fded7688f06c4437636a450b0f4c86bfd008f64545bbd3f8d558 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in html-webpack-plugin-deimos-toml-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bb045f13fdeba200e83090bae2409a07346335c9f563b24f275cd3404d87132 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in html-webpack-plugin-vega-atlas-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72fd14fbfa7df3518df196ac7331d4c07644a19e457f73f31be91ee9ab01ce42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nodemon-terser-webpack-plugin-private-mantle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e48a9fd6450f06e90ee5d9956c154c4f2502f33ea2ea4855e7091ec32a7172e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in parsec-kaus-optimize-css-assets-webpack-plugin-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97de95755cec1310fe309f1de9501ac87d304da7024b581ecddb59c229de0c22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in perseus-global-meissa-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0d1ec9c95ff2971057d9bc9322cd0e3f96d82bf169f302e6f77174d3922dff9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in spica-html-webpack-plugin-kronos-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82181ab2b25bcac772e3cecded34360db1572cf56e392f5f6310c0335bed342a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-webpack-plugin-delphinus-membrane-cryovolcano (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83f1fbd056f464401107ffa949a75c56dc9110b1b201fa564b844e813212402a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in terser-webpack-plugin-centaurus-version-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3c5c34ad44ac941803db664d6a785fac2fd342500558c1c26e98ba07c786178 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176284

Malicious code in solis-semantic-release-pm2-css-minimizer-webpack-plugin npm...

EUVD-2025-176273

Malicious code in spawn-webpack-nightwatch-slides npm...

EUVD-2025-176252

Malicious code in spica-html-webpack-plugin-kronos-husky npm...

EUVD-2025-176225

Malicious code in standard-saturnology-webpack-pm2 npm...

EUVD-2025-176115

Malicious code in supernova-astrochemistry-webpack-supervisor npm...

EUVD-2025-176089

Malicious code in sync-taurus-cluster-webpack npm...

EUVD-2025-176005

Malicious code in terser-webpack-plugin-andromeda-zenobia-pavo npm...