MAL-2025-188779 Malicious code in postcss-loader-ganymede-metalsmith-farout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16d3d14c13f394da725b8d17c124c9aa3305c6a8dff021d59ab3c8fcc8fb610c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-development-cosmogenic-mongodb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f482ac6e62892d5ceda6f97905d2b05160346c3470ce98335fb68ac7972e391 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-loader-commitizen-foundation-xenos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3544c8a28f043aa9e67e4ced4509db2908ad6675975cdeb4198f6d034572831a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-yaml-lynx-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7991fb1fffadbc9283f03779f51fa19d71c12c033f9ba3a11c26f4941dcd670 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...