MAL-2025-188308 Malicious code in node-config-mini-css-extract-plugin-bellatrix-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a0f4cb1363923700e234a126ba9afc3eb8cefa5fbc782a1ed68bce1e6c9fdf7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177833

Malicious code in mini-css-extract-plugin-paleoecology-redis-release-it npm...

EUVD-2025-122144

Malicious code in sedna-nightwatch-postcss-loader-mini-css-extract-plugin npm...

EUVD-2025-111125

Malicious code in mini-css-extract-plugin-proxima-forever-altair npm...

EUVD-2025-120593

Malicious code in webdriver-manager-titan-mini-css-extract-plugin-izar npm...

EUVD-2025-112708

Malicious code in hugo-tethys-mini-css-extract-plugin-ceres npm...

MAL-2025-147721 Malicious code in scorpius-vuetify-metalsmith-mini-css-extract-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2186526dff27c6c4fa856cfe4c9936a3d13ab0f924c3f55f611a9ca589374cf1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-112525

Malicious code in ini-duplex-mini-css-extract-plugin-stream npm...

Malicious code in mysql-firebase-websockets-mini-css-extract-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 658595abdf701a1efbf2d67916d95653b525ecf14cbc26919e962c9b88b76554 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111129

Malicious code in mini-css-extract-plugin-passport-centaurus-eslint-plugin npm...

Malicious code in atlas-mini-css-extract-plugin-equinox-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 404eaf3881cfa0b5b7b50fc02a65725729afb42926f6345a7dedfe0f35627d70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ini-duplex-mini-css-extract-plugin-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca689f742b94ba4a8fd5eb5c63fabe4993fa211a15abc1805caa3180a7eb351c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111137

Malicious code in mini-css-extract-plugin-library-proxima-ultra npm...

EUVD-2025-115321

Malicious code in cli-browserify-mini-css-extract-plugin-frontend npm...

EUVD-2025-111120

Malicious code in mini-css-extract-plugin-semantic-release-rimraf-hermes npm...

EUVD-2025-115015

Malicious code in cordelia-blaze-mini-css-extract-plugin-markdown-pdf npm...

EUVD-2025-111142

Malicious code in mini-css-extract-plugin-cygnus-centauri-buffer npm...

EUVD-2025-111123

Malicious code in mini-css-extract-plugin-redis-tool-ignite npm...

EUVD-2025-124373

Malicious code in node-sass-mini-css-extract-plugin-spawn-apex npm...

MAL-2025-45561 Malicious code in pino-pretty-carpo-css-minimizer-webpack-plugin-mini-css-extract-plugin (npm)

The package pino-pretty-carpo-css-minimizer-webpack-plugin-mini-css-extract-plugin was found to contain malicious code...