Malicious code in cosmiconfig-cressida-style-loader-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94271e0ad39049b5652876cee88d242361da4605c8f8899fd662c77483075950 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113911

Malicious code in eslint-config-galaxy-postcss-loader-meissa npm...

EUVD-2025-114372

Malicious code in dotenv-parse-variables-vuetify-winston-sass-loader npm...

EUVD-2025-120975

Malicious code in uninstall-browserify-ganymede-postcss-loader npm...

EUVD-2025-121730

Malicious code in spinner-fomalhaut-postcss-loader-private npm...

EUVD-2025-122599

Malicious code in resolvers-eslint-markdown-pdf-style-loader npm...

EUVD-2025-123528

Malicious code in postcss-loader-elara-izar-pino-pretty npm...

EUVD-2025-123489

Malicious code in postgres-geckodriver-less-loader-quark npm...

Malicious code in cors-framework-promise-sass-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c08b47433d07003e13f2c30807743c8b152d09fb9ce52429e162877aedcc69d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145217 Malicious code in mutation-bunyan-materialize-style-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dafd16f59961d7f0089c5ad1a6a43e4deb50395ede6d4038ed260d6143ff3858 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

PT-2025-41312

Name of the Vulnerable Software and Affected Versions CCleaner versions 5.33.6162 CCleaner Cloud versions 1.07.3191 Description CCleaner and CCleaner Cloud contained a malicious pre-entry-point loader that redirects execution to a custom loader. This loader decodes an embedded blob into shellcode...

MAL-2025-45552 Malicious code in phylogenetics-adonis-postcss-loader-frontend (npm)

The package phylogenetics-adonis-postcss-loader-frontend was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2022-0544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image...

Malicious code in yakutsk-protractor-vuetify-less-loader (npm)

The package yakutsk-protractor-vuetify-less-loader was found to contain malicious code...

Malicious code in carina-google-radiant-less-loader (npm)

The package carina-google-radiant-less-loader was found to contain malicious code...

MAL-2025-21248 Malicious code in geckodriver-pipe-quasar-css-loader (npm)

The package geckodriver-pipe-quasar-css-loader was found to contain malicious code...

MAL-2025-21897 Malicious code in gravitationalwave-phoebe-less-loader-decoherence (npm)

The package gravitationalwave-phoebe-less-loader-decoherence was found to contain malicious code...

MAL-2025-31881 Malicious code in readable-protractor-standard-postcss-loader (npm)

The package readable-protractor-standard-postcss-loader was found to contain malicious code...

MAL-2025-16553 Malicious code in carina-google-radiant-less-loader (npm)

The package carina-google-radiant-less-loader was found to contain malicious code...

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the Loader component of Google Chrome prior to version 136.0.7103.113 allowed a remote attacker to leak cross-origin data through a crafted HTML page. Chromium security severity: High...