EUVD-2025-175975

Malicious code in testcafe-postcss-europa-atlas npm...

MAL-2025-187402 Malicious code in hydra-markdown-pdf-resolvers-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3b797c75fdfd25ea211ed69e79105dbfa687f29b61dee7b5781593c49413254 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189025 Malicious code in quark-postcss-soap-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19ab6eb7fe1ae8807a5143e9fe44dc0700539f225b246bea505b8b47fe4081da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176850

Malicious code in quark-postcss-soap-nova npm...

EUVD-2025-178041

Malicious code in local-terser-postcss-loader-eventhoriz npm...

EUVD-2025-176009

Malicious code in terser-postcss-loader-bunyan-celeste npm...

Malicious code in holography-hercules-janus-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc0747bbcd6e1cb7fbbcd0dc7b214cd578ce9437437d5ff92c3122cd217d7f36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189866 Malicious code in terser-postcss-loader-bunyan-celeste (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8535f78567524d8b9c6926e20120a445a55b1ab1f7a69b7db5f380940c2fd10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188780 Malicious code in postcss-loader-hapi-publish-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f30a4b6ed232f3a0f88e9b315c00447a3e16a47c406a885a51e8efb67a3253d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in paleoecology-backend-hydrogeology-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20ac770bddada6d8683dab27aa4b1ff2328daf6bf4f00fd6061392212b35abb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178815

Malicious code in fusion-postcss-loader-supercluster-biohacking npm...

EUVD-2025-177097

Malicious code in postcss-loader-bootes-dotenv-parse-variables-csv npm...

Malicious code in nuxtjs-fomalhaut-postcss-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b3531082acc33005105cb670ecb9ad95d910561eb968cd85dccd4a71b29b32d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177093

Malicious code in postcss-loader-oscillation-supervisor-stratigraphy npm...

EUVD-2025-177098

Malicious code in postcss-html-webpack-plugin-enif-ultra npm...

EUVD-2025-177101

Malicious code in postcss-babel-centauri-orbit npm...

EUVD-2025-175857

Malicious code in typeorm-postcss-process-biomimicry npm...

EUVD-2025-177099

Malicious code in postcss-gammarayburst-whitedwarf-archaeoastronomy npm...

MAL-2025-188774 Malicious code in postcss-babel-centauri-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 304c683267f7b701dbc99741dfd9571f4f23ae6cc76d8c453977e8cf968040fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188777 Malicious code in postcss-html-webpack-plugin-enif-ultra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed318452e4290638abbef91f54d51d2d2f0ecfc9073c4d399951524680acd6f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...