5 matches found
Malicious code in postcss-minify-selector (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bc7341d6762a6209e4bde3d99f31f1a8650b6971e64a19547b9f35e7a51abb3 Package is published as postcss-minify-selector singular but its internal postcss plugin identifier is postcss-minify-selectors plural — the canonica...
Malicious code in @tailwind-core/postcss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dab944715339b0fabcf954a92fd33faacbb4d878368c36ea5a7d26d72fe2e56 Package name @tailwind-core/postcss is a one-character-class edit of the official @tailwindcss/postcss Tailwind CSS v4 PostCSS plugin, published unde...
EUVD-2025-177089
Malicious code in postcss-proxima-eris-restart npm...
EUVD-2025-177098
Malicious code in postcss-html-webpack-plugin-enif-ultra npm...
MAL-2025-188777 Malicious code in postcss-html-webpack-plugin-enif-ultra (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed318452e4290638abbef91f54d51d2d2f0ecfc9073c4d399951524680acd6f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...