EUVD-2025-112744

Malicious code in html-webpack-plugin-postcss-aether-magellan npm...

EUVD-2025-123530

Malicious code in postcss-loader-css-minimizer-webpack-plugin-achernar-barnard npm...

EUVD-2025-121105

Malicious code in triton-phoebe-lint-staged-postcss npm...

EUVD-2025-113053

Malicious code in grunt-development-postcss-loader-hydra npm...

Malicious code in venus-aldebaran-postcss-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fef214a4133030f8fa65da187e1e76bafcd0e723c5e4aa8b2eb3bf3d7588f2be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123816

Malicious code in perseus-postcss-loader-thuban-cosmiconfig npm...

EUVD-2025-122226

Malicious code in schema-init-cosmiconfig-postcss-loader npm...

EUVD-2025-123514

Malicious code in postcss-loader-sagitta-dynamo-altair npm...

EUVD-2025-123540

Malicious code in postcss-capella-jabbah-phenomic npm...

EUVD-2025-123654

Malicious code in pipe-query-puppeteer-postcss npm...

EUVD-2025-115507

Malicious code in chai-postcss-loader-subscription-epimetheus npm...

EUVD-2025-121430

Malicious code in telesto-pulsar-postcss-loader-indus npm...

EUVD-2025-120936

Malicious code in update-child-process-xerxes-postcss npm...

Malicious code in postcss-yaml-lynx-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7991fb1fffadbc9283f03779f51fa19d71c12c033f9ba3a11c26f4941dcd670 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124280

Malicious code in norma-fusion-corvus-postcss-loader npm...

EUVD-2025-113905

Malicious code in eslint-config-postcss-loader-ignite-webdriver-mocha npm...

EUVD-2025-122307

Malicious code in sagitta-registry-andromeda-postcss npm...

EUVD-2025-124594

Malicious code in nconf-procyon-postcss-ora npm...

Malicious code in postcss-loader-quito-iota-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ff2bf6dc026adfb7fcf087d65584c298b75dd1842c5baff878381350cd0ad5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146766 Malicious code in public-postcss-loader-nconf-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc8486c705b8b7152ab39cebfac6f20436a00b56f90d0140031aca814832186d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...