MAL-2025-143629 Malicious code in init-postcss-markdown-pdf-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abb21342977b56cd234645325128ec729005574ce297f5bbaf05e55b64a5fd91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-114212

Malicious code in electron-builder-cassini-mutation-postcss-loader npm...

EUVD-2025-123506

Malicious code in postcss-loader-yakutsk-europa-orbit npm...

EUVD-2025-115747

Malicious code in canopus-hermes-postcss-loader-xanthus npm...

Malicious code in nova-postcss-loader-nuxtjs-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10a129ef4191202f0f2db76704ca51ebd60405bfa156b39b9ee8c9a0adc811c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111828

Malicious code in leda-pino-pretty-command-postcss npm...

EUVD-2025-124700

Malicious code in mutation-chromedriver-postcss-loader-proxima npm...

Malicious code in enif-postcss-winston-weywot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1533507afdde1c630d91d547a384c87d91285eec2075de760eafe149f859698 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-114339

Malicious code in dotenv-safe-postcss-loader-taurus-webpack npm...

EUVD-2025-122082

Malicious code in semantic-ui-cluster-hermes-postcss-loader npm...

EUVD-2025-123504

Malicious code in postcss-neptune-ursa-nextjs npm...

EUVD-2025-123502

Malicious code in postcss-procyon-xanadu-run-script npm...

EUVD-2025-123499

Malicious code in postcss-slides-browserify-less-loader npm...

EUVD-2025-120827

Malicious code in venus-aldebaran-postcss-build npm...

EUVD-2025-112303

Malicious code in janus-firebase-postcss-loader-cygnus npm...

Malicious code in gemini-postcss-loader-quantum-resolvers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 025ab4f53ac3540ff0cd2eb7fbe2d4c11d635f63020d4195a445991a4c7d4566 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-112385

Malicious code in iota-iota-avior-postcss-loader npm...

Malicious code in ora-postcss-dotenv-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdc43970ee075cd25716951c0bb897ae904e4c67a131073593eb712d5dc1c224 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123516

Malicious code in postcss-loader-pegasus-registry-chai npm...

Malicious code in semantic-ui-cluster-hermes-postcss-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6a38dbba7b00e647d69f73f67ae222eb75a0da894f7044cf1f158e753ac6ab6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...