Malicious code in cluster-css-loader-halley-cressida (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3390f5930409dbfea7ffedd9530a9a061ccceccce84acc295cc9a2a934d2c47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in io-hercules-css-loader-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a4730c20c72ed848b64de81d147fe71e37b657dd950372600a60273d31a4f79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111119

Malicious code in mini-css-extract-plugin-socketio-bellatrix-lint-staged npm...

Malicious code in eslint-plugin-perseus-css-loader-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f0ddf1aabd198f85639e9d3b3af0ae998cbc891b75eba766e8f9d4bc57097d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111129

Malicious code in mini-css-extract-plugin-passport-centaurus-eslint-plugin npm...

EUVD-2025-115404

Malicious code in chariklo-mini-css-extract-plugin-rollup-google npm...

EUVD-2025-111502

Malicious code in lyra-leda-css-loader-orbit npm...

EUVD-2025-123789

Malicious code in phenomic-eleventy-dynamo-mini-css-extract-plugin npm...

EUVD-2025-111664

Malicious code in lint-staged-dactyl-optimize-css-assets-webpack-plugin-less npm...

EUVD-2025-124265

Malicious code in nova-css-minimizer-webpack-plugin-prettier-meteor npm...

EUVD-2025-116648

Malicious code in antd-ganymede-iota-tailwindcss npm...

Malicious code in umbra-optimize-css-assets-webpack-plugin-radiant-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c3a485ba71bf8141e3c611d37b28d38f948007f335340e0dd9e887ec7be1298 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115453

Malicious code in chalk-run-script-prompts-css-loader npm...

EUVD-2025-112812

Malicious code in hermes-apex-css-minimizer-webpack-plugin-phoebe npm...

EUVD-2025-111193

Malicious code in meteor-node-sass-optimize-css-assets-webpack-plugin-soap npm...

EUVD-2025-114807

Malicious code in css-loader-flare-koa-react-bootstrap npm...

EUVD-2025-113349

Malicious code in gacrux-dagda-koa-css-loader npm...

EUVD-2025-122956

Malicious code in query-despina-css-minimizer-webpack-plugin-juno npm...

MAL-2025-146937 Malicious code in quark-sass-loader-tethys-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 116c1347633b8d82c9e598f6bbd05698b5712a0a16af782398747926b03a2c4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141329 Malicious code in css-minimizer-webpack-plugin-meissa-shelljs-tailwindcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ea601fe32f2986c24cf6764da27b039900a4f81ff22922b1697d5543d1533f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...