MAL-2025-146343 Malicious code in polaris-galaxy-dione-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fe89b18978b330a37b7d1dbdf56eadbf5e873ddc9b39a4676a80187c71923c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141309 Malicious code in css-loader-octans-acamar-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b5a0eb27ce8f5a2dfcaca555b902c33e0adef4bc2fe29a0608fab6b0b3a2244 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in css-loader-soap-elektra-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e02bd7db49f120b636f5d8a86022af64e2403f9c6397fdaa301235a9bca6c2be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-17791 Malicious code in css-loader-google-jabbah-orbit (npm)

The package css-loader-google-jabbah-orbit was found to contain malicious code...