Malicious code in gulp-nightmare-postcss-cordelia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 100e04c09f791909f37fc08b18b6c1c118ce6c84eb94a477f339f2bd455a5caf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in slidev-postcss-loader-non-blocking-dagda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 908ac57851e5eb2a493ddb3438f9e04e69b5b2d95cb824b69490b1cbee3ddba3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124515

Malicious code in nestjs-terser-postcss-loader-await npm...

EUVD-2025-123542

Malicious code in postcss-atlas-graphql-spectron-webdriver npm...

EUVD-2025-120102

Malicious code in yonder-altair-commitlint-config-angular-postcss npm...

EUVD-2025-120386

Malicious code in wolf-cross-env-markdown-postcss-loader npm...

EUVD-2025-113004

Malicious code in grus-vulcan-postcss-terser npm...

EUVD-2025-116730

Malicious code in altair-xerxes-postcss-postgres npm...

Malicious code in xanadu-postcss-slides-reveal-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89a41a30b3763024f334b151b2995172907baf7eb8f012bf82cddcb6d471fa0b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124596

Malicious code in nconf-postcss-loader-gatsby-electron npm...

Malicious code in canopus-hermes-postcss-loader-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64932e18462641061057f9a0061b3b7e8ed093628d7603b096014c31006ad72f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-122312

Malicious code in sagitta-postcss-uninstall-delphinus npm...

EUVD-2025-113201

Malicious code in gemini-postcss-loader-quantum-resolvers npm...

Malicious code in postcss-loader-telesto-vulcan-phenomic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2d032771765afdffab124f10a56de31b135824b7fdd9e795e2ba150faca6d14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115223

Malicious code in comet-parcel-perseus-postcss-loader npm...

Malicious code in postcss-loader-child-process-element-ui-weywot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58dc10cb21328b6fa7193c5174c025aab42f49ae52a684435b85bfcfe965e9bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-120224

Malicious code in xerxes-gridsome-postcss-loader-google npm...

EUVD-2025-123860

Malicious code in pegasus-upgrade-gravity-postcss npm...

EUVD-2025-111517

Malicious code in lynx-parcel-telesto-postcss npm...

Malicious code in postcss-await-janus-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24f95e8dca9374bd68093ca7b66d2bc1f9fe8b85ed4d42fe457323a52534de0b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...