665 matches found
MAL-2025-143361 Malicious code in html-webpack-plugin-epimetheus-unuk-configstore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4595fc39029695b5e775853582dcc5e971b35efa3e6235ac100e5585e1213d49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148275 Malicious code in start-lint-staged-antares-css-minimizer-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65ca9dec5af3f6986b7abaf03d78477121b87d0e5875637fd40a490404dd5368 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-124392
Malicious code in node-sass-callisto-html-webpack-plugin-vulcan npm...
EUVD-2025-121980
Malicious code in sirius-css-minimizer-webpack-plugin-gulp-apex npm...
EUVD-2025-112756
Malicious code in html-webpack-plugin-astro-blitz-procyon npm...
EUVD-2025-121383
Malicious code in terser-webpack-plugin-csv-transform-native npm...
MAL-2025-146162 Malicious code in phoebe-metalsmith-css-minimizer-webpack-plugin-umbra (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c7758742d6ce3f84c41f899059c9fa2f6d10ec4d81abe2446f4316493355a77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-121650
Malicious code in start-lint-staged-antares-css-minimizer-webpack-plugin npm...
MAL-2025-143364 Malicious code in html-webpack-plugin-hyperion-vulcan-neptune (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b341a0c15bb2ca0e6a7ae84ac4e02681230227fc30a00d3a2f1af1c0d6f4f74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148544 Malicious code in terser-webpack-plugin-child-process-bunyan-rollup-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4839b0d11bd49cc80454d892a0010eb13cfbad005fb5bf93717d6f499ff2dd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146635 Malicious code in promise-cressida-link-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55087f73e61906bf5e0de5f431ab2561dc61d4dc847696b9b09fb2b7b812ef23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145874 Malicious code in optimize-css-assets-webpack-plugin-yildun-hugo-nova (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d40cca4431ebe10a20e76cb02d720527955bc8358a7289cd5744c41ee9d29c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140301 Malicious code in callback-optimize-css-assets-webpack-plugin-indus-markdown (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d2c7bc08e32678dbc7a5f4c90b7c8e47cbb9d8fb461d41c5454e9bcc13d054b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144700 Malicious code in markdown-pdf-optimize-css-assets-webpack-plugin-ursa-envconfig (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deb6fa6a40691312a14cdb3ec297911446378ff71f510e643208327979aae313 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144913 Malicious code in meteor-html-webpack-plugin-mui-selenium (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2ba44be2ccd673c3f19ceb7a542f761f31250400b8f3caa7ffa5327a7e58323 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148352 Malicious code in subscription-css-minimizer-webpack-plugin-carpo-lynx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4650e80b2c1aaee9d51649d798ab8b1dcd57d9d7758ab69e3f31252ae44e3485 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143375 Malicious code in html-webpack-plugin-upgrade-remark-enceladus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59399cefad893f72472df77482546ff2e4acbd7f3456d03c6d07554edc9eab8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143421 Malicious code in husky-loop-writable-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a03548b01ada9be93ed0fb55d38631a5a7df1b6c6fd760240d194a579d9177a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143365 Malicious code in html-webpack-plugin-janus-nightwatch-epimetheus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2bdd909093acd269050ee6c34672fc6bcb6d1f7880dc777e24bb979bea04124 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145489 Malicious code in nightwatch-terser-webpack-plugin-auth-callisto (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8330b970ea27a9a8326babaa86a72618b895c2a775a610dbb6a8d80ff93ff11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...