Malicious code in thuban-css-minimizer-webpack-plugin-parcel-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba20e4a94027f3181217bb6bdd701c4838a02c50cd8a2bd55e6fdbc9ae2f0a46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115891

Malicious code in bulma-gatsby-gravity-css-loader npm...

EUVD-2025-123908

Malicious code in pavo-tethys-stop-css-minimizer-webpack-plugin npm...

EUVD-2025-114012

Malicious code in epimetheus-mini-css-extract-plugin-barnard-apollo npm...

EUVD-2025-115286

Malicious code in cluster-css-loader-halley-cressida npm...

MAL-2025-142758 Malicious code in gacrux-css-loader-puppeteer-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 126ffaafe4f44d319ebfb460879e4201884b8b653ca7ccaa102f814685839875 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146013 Malicious code in pavo-tethys-stop-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e80ef22620456b87134e65d7274869649deef01e92932db075a10cbb52bc768 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142024 Malicious code in enceladus-css-loader-nuxtjs-eris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c483e9bf65770e7a71f5e4ead851865362008112e6ac859753ed4775f66af56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-121598

Malicious code in stream-optimize-css-assets-webpack-plugin-nodemon-pulsar npm...

EUVD-2025-113605

Malicious code in firebase-optimize-css-assets-webpack-plugin-csv-superagent npm...

EUVD-2025-114105

Malicious code in eleventy-mini-css-extract-plugin-cordelia-middleware npm...

EUVD-2025-122696

Malicious code in release-it-mini-css-extract-plugin-prettier-plugin-markdown-commitlint npm...

EUVD-2025-113633

Malicious code in figures-postgres-tailwindcss-css-minimizer-webpack-plugin npm...

EUVD-2025-123880

Malicious code in pegasus-lyra-rate-limiter-css-minimizer-webpack-plugin npm...

EUVD-2025-123104

Malicious code in publish-taurus-css-loader-mensa npm...

EUVD-2025-115528

Malicious code in ceres-telesto-bootstrap-optimize-css-assets-webpack-plugin npm...

EUVD-2025-115623

Malicious code in castor-fetch-webdriver-manager-mini-css-extract-plugin npm...

Malicious code in triton-scripts-cygnus-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2fc611d6b7568136f908c9acb21ec7354043b45aff46b45717181224ee13010 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-112046

Malicious code in jupiter-xanadu-optimize-css-assets-webpack-plugin-cressida npm...

EUVD-2025-123521

Malicious code in postcss-loader-mini-css-extract-plugin-development-heka npm...