Malicious code in postcss-loader-winston-transport-spinner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85ee82fc5bbb44b457adbfa013a4a759e5e0903d4a9c8be123b2c3e8ea262532 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dagda-aquarius-postcss-loader-aquarius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f696dec9028c1ccf5ff7366778658b3df225e2bc8174ac216fa5b5fa5a39e8a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-loader-child-process-element-ui-weywot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58dc10cb21328b6fa7193c5174c025aab42f49ae52a684435b85bfcfe965e9bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-122167

Malicious code in sedna-carpo-command-postcss-loader npm...

EUVD-2025-115223

Malicious code in comet-parcel-perseus-postcss-loader npm...

Malicious code in mutation-chromedriver-postcss-loader-proxima (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67015401d420f0d76976cc33d6c4b78a0808d48575356ada771e44ec5c50d631 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124596

Malicious code in nconf-postcss-loader-gatsby-electron npm...

MAL-2025-146389 Malicious code in postcss-loader-child-process-element-ui-weywot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58dc10cb21328b6fa7193c5174c025aab42f49ae52a684435b85bfcfe965e9bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147841 Malicious code in semantic-ui-cluster-hermes-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6a38dbba7b00e647d69f73f67ae222eb75a0da894f7044cf1f158e753ac6ab6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143519 Malicious code in ignite-morgan-postcss-loader-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69416919d6a5f042a70f254596d0ddf47863aea254d55875387e2df7ffc3ebe3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123518

Malicious code in postcss-loader-npm-child-process-gravity npm...

EUVD-2025-120226

Malicious code in xerxes-foundation-postcss-loader-aquarius npm...

Malicious code in postcss-loader-sagitta-dynamo-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c1bd822a752ca9487e572499a5598de7969ee9e78acd72d6c1fdc286859d9f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-loader-telesto-vulcan-phenomic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2d032771765afdffab124f10a56de31b135824b7fdd9e795e2ba150faca6d14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cors-schema-nightwatch-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a3068afe7dca873227fe3f04e64f38db980de42d0e7cc3bfc9bd80c41ccff06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113201

Malicious code in gemini-postcss-loader-quantum-resolvers npm...

Malicious code in postcss-loader-style-loader-foundation-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a7af3a5be712e0cae8587eeca54d8551aab41011790b2cadb628fd9c4e66952 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123524

Malicious code in postcss-loader-halley-middleware-xanadu npm...

EUVD-2025-123525

Malicious code in postcss-loader-galaxy-kaus-cygnus npm...

EUVD-2025-123529

Malicious code in postcss-loader-dotenv-safe-yakutsk-dione npm...