MAL-2025-142838 Malicious code in gatsby-css-minimizer-webpack-plugin-kinetic-aldebaran (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd3d7c7613ca3b24203a1a6b67a092b1b7c05ab67e78b886ed6158382f56e95f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141307 Malicious code in css-loader-metalsmith-rest-tailwindcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 005841e6161cc0f0146a62615f6eae5c47197caabf44e0ba61f55a86dabe8a78 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140213 Malicious code in bulma-gatsby-gravity-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50ff803168b2fe3f1d2344f342c7f9d5a4fe781a3468e065bc15a5a06b0aeafe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148275 Malicious code in start-lint-staged-antares-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65ca9dec5af3f6986b7abaf03d78477121b87d0e5875637fd40a490404dd5368 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139649 Malicious code in atlas-mini-css-extract-plugin-equinox-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 404eaf3881cfa0b5b7b50fc02a65725729afb42926f6345a7dedfe0f35627d70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145859 Malicious code in optimize-css-assets-webpack-plugin-commitizen-envconfig-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d50aa2e0311402f756bc306bf743331b6111d2ad0a80567bb1f6b9af5c82adc1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145856 Malicious code in optimize-css-assets-webpack-plugin-achernar-non-blocking-mensa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3c3dcd2d7106f3ab301acd84ce92ac2fe07d3cb7896514991b57374a38f2209 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141306 Malicious code in css-loader-kaus-prettier-plugin-markdown-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c520d0a4a8fead49be08d7a48aa69a9c1ca93479e5758acbfae5f2819a1c65ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146343 Malicious code in polaris-galaxy-dione-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fe89b18978b330a37b7d1dbdf56eadbf5e873ddc9b39a4676a80187c71923c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142759 Malicious code in gacrux-css-minimizer-webpack-plugin-flare-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc8b4a91227e773e130eae13bfb68e4884b8fad2f307cf3ea714f2a8819940e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142758 Malicious code in gacrux-css-loader-puppeteer-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 126ffaafe4f44d319ebfb460879e4201884b8b653ca7ccaa102f814685839875 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145461 Malicious code in nightwatch-css-loader-charon-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e44f89d3df24791b88771155d9b2f6a6e5560407e4703e03a79c06a90ca59d19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141608 Malicious code in despina-regulus-css-loader-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2f1aab80e4cce0b81ff5effcff1de0ccec604fd14553e05141f232ef3aa99ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148158 Malicious code in spica-css-loader-testcafe-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36597f416ec7c190e827446bd569c4ad103c21ea45306506b1fa9419bb85a499 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141604 Malicious code in despina-pegasus-mini-css-extract-plugin-sagitta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2cd25cf15f924783c9c0dd4ff35111ce8a5bb6b596dd67ab342567c9a9f3de6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149228 Malicious code in vulcan-css-loader-command-nconf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0c75a1ddeac8182be8aefa40e93e61225edfd8a7eed0d9cebe0d2517f924b11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141327 Malicious code in css-minimizer-webpack-plugin-helmet-yonder-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3695ac089a989128e4b219331d647e5f45cf2b19e34bdf28bb8578d708503fa7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142677 Malicious code in framework-css-loader-enceladus-chai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ca66adcb9a358ad5603b9340d100d75f925c654af5e8dca026b61ea51b5db2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147984 Malicious code in slides-css-loader-callisto-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e15db063ad96961c26caa1aa5ee053211e5e9c88abed26b2e9f9f82a5714bdb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147165 Malicious code in rehype-css-loader-metalsmith-carina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fe2030d45e843d156fa16ca029b0f063d19d50a9ce988cc4c4a0fe0f2d6ac89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...