Malicious code in postcss-loader-pegasus-registry-chai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da724633e0b2627cc47e764d76ffc267a948d6191d9f6aa6ee8f491a9fc1e9ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123531

Malicious code in postcss-loader-commitizen-foundation-xenos npm...

EUVD-2025-124257

Malicious code in nova-postcss-loader-nuxtjs-duplex npm...

EUVD-2025-124385

Malicious code in node-sass-eleventy-framework-postcss-loader npm...

Malicious code in postcss-loader-europa-webdriver-mocha-arcturus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f420b2d238f8b63539924380a7ae973c5a1f00146ed74ba4166c0ec6b1e96e71 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120710

Malicious code in vuetify-postcss-loader-mongodb-less npm...

EUVD-2025-115302

Malicious code in cli-npm-postcss-loader-juno npm...

Malicious code in reveal-md-postcss-loader-enceladus-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3b7e1975ba8584db82d63f8d4ed5cfc113066d24a35aac8206fb73a8d4b315c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sagitta-zephyr-andromeda-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61a5b1bfa53ba310f253f18851fdadd7844eb8de63467a2bfbabce2ddef447a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113204

Malicious code in gemini-nova-postcss-loader-grus npm...

EUVD-2025-112181

Malicious code in jest-rigel-postcss-loader-sqlite npm...

MAL-2025-148012 Malicious code in slidev-postcss-loader-non-blocking-dagda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 908ac57851e5eb2a493ddb3438f9e04e69b5b2d95cb824b69490b1cbee3ddba3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146397 Malicious code in postcss-loader-halley-middleware-xanadu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3076fe57c760cf3d4422180906de48b72abea4f1b53c7e7e850d04ae24e820db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142911 Malicious code in gemini-postcss-loader-quantum-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 025ab4f53ac3540ff0cd2eb7fbe2d4c11d635f63020d4195a445991a4c7d4566 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147756 Malicious code in sedna-carpo-command-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38a24b4b00f49c87b40537793e078710621ed57e859a9a24b4c06e73f4a01690 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120740

Malicious code in vortex-postcss-loader-auriga-webpack npm...

Malicious code in postcss-loader-slidev-gulp-bellatrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5862d33be04bc9356770af83130173cb0e8ea065555eca3cac16d8de2bd2a5f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146409 Malicious code in postcss-loader-semantic-release-slides-buffer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 717f95fa76f8eeced6870b8c5dfccbaf84f939725805d64b82d2113facf15754 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139577 Malicious code in arcturus-toml-carpo-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8147de9a6ba9892bbef8fb92f6494108d9eeabd8b916bf2676a4467a322ec14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146390 Malicious code in postcss-loader-commitizen-foundation-xenos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3544c8a28f043aa9e67e4ced4509db2908ad6675975cdeb4198f6d034572831a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...