EUVD-2025-35143

Malicious code in webpack-css-load-branch npm...

Malicious Package

Overview webpack-css-load-branch is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

Malicious code in webpack-css-load-branch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ebc3a0cfad4acfa46f4ea9e57edb732f20403908d855eca202b5ad08df232468 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48538 Malicious code in webpack-css-load-branch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ebc3a0cfad4acfa46f4ea9e57edb732f20403908d855eca202b5ad08df232468 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Cross-domain data theft with CSS load

CSS can be loaded cross-domain, and in some cases it is be possible to read the data pointed to, leading to the possibility of cross-domain data theft...