MAL-2025-190916 Malicious code in @tezign/html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 437929a07e5bc4e0e6dfe545fa858db027aa2ba4e6fa87701a09d5b07277b543 The package @tezign/html-webpack-plugin was found to contain malicious code...

EUVD-2025-175972

Malicious code in tethys-acamar-protractor-html-webpack-plugin npm...

EUVD-2025-177573

Malicious code in node-config-phoenix-regulus-html-webpack-plugin npm...

EUVD-2025-176889

Malicious code in pyxis-alphard-event-html-webpack-plugin npm...

Malicious code in html-webpack-plugin-vega-atlas-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72fd14fbfa7df3518df196ac7331d4c07644a19e457f73f31be91ee9ab01ce42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179933

Malicious code in bunyan-redis-capella-html-webpack-plugin npm...

EUVD-2025-175871

Malicious code in troposphere-comet-changelog-html-webpack-plugin npm...

EUVD-2025-178504

Malicious code in html-webpack-plugin-vega-atlas-fetch npm...

MAL-2025-187379 Malicious code in html-webpack-plugin-version-vulcan-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9dde5432372bf813eb46eb9929fc1e8fbcf613a4f116a4677f9fa73a2800edb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176604

Malicious code in rollup-plugin-html-webpack-plugin-cordelia-rollup npm...

MAL-2025-186406 Malicious code in csrf-bootes-html-webpack-plugin-ichnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42e683c14d1e59c58cadcd514400f46ff49670101cb068cc2ecf1d95b413dcf9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bunyan-redis-capella-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56b9ec0c5fa82205dee259b73ad694a1c72663bb5a0d4d0e23c5bbbfbe461f40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175845

Malicious code in ultra-html-webpack-plugin-zenith-quito npm...

EUVD-2025-178505

Malicious code in html-webpack-plugin-taphonomy-test-coronalmassejection npm...

Malicious code in html-webpack-plugin-deimos-toml-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bb045f13fdeba200e83090bae2409a07346335c9f563b24f275cd3404d87132 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178509

Malicious code in html-webpack-plugin-deimos-toml-command npm...

Malicious code in spica-html-webpack-plugin-kronos-husky (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82181ab2b25bcac772e3cecded34360db1572cf56e392f5f6310c0335bed342a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185890 Malicious code in bootstrap-futurology-bootstrap-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b104189a74b27deed81a647b36a22f7fbca02dfd1483495bc1805ff2b673e36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186212 Malicious code in comet-auth-html-webpack-plugin-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f5b037c3a10e0eb5d63054a411dd6a2daeb791121c669593b5602687a52454b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179670

Malicious code in comet-auth-html-webpack-plugin-request npm...