EUVD-2025-124063

Malicious code in optimize-css-assets-webpack-plugin-cli-gatsby-aether npm...

EUVD-2025-121386

Malicious code in terser-webpack-plugin-airbnb-test-node-sass npm...

MAL-2025-139316 Malicious code in alphard-aurora-css-minimizer-webpack-plugin-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cadd965cb26d39282845d1f921990c4270984dbf20e54e6ba597fdd8158afe87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143395 Malicious code in hugo-neptune-mui-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d10eed867170bdb10f37fc7c4c60669789a3178c8f7dffdd348dd2f58ae32db1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146162 Malicious code in phoebe-metalsmith-css-minimizer-webpack-plugin-umbra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c7758742d6ce3f84c41f899059c9fa2f6d10ec4d81abe2446f4316493355a77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143421 Malicious code in husky-loop-writable-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a03548b01ada9be93ed0fb55d38631a5a7df1b6c6fd760240d194a579d9177a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-114784

Malicious code in css-minimizer-webpack-plugin-eleventy-writable-public npm...

MAL-2025-144930 Malicious code in meteor-registry-html-webpack-plugin-gravity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ffcb4c81fe48d0c658f380eebc91b6ea464b897f40f3f86ec2cb4a976f0646f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141331 Malicious code in css-minimizer-webpack-plugin-perseus-phoebe-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21f4c0c782d6c378089168b89d8b9dc2f864bbb057f8c45669d8132fe4c260f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143356 Malicious code in html-webpack-plugin-astro-blitz-procyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dd60d4c15ba4743a5534b1eb8ea3d9e85b07a6b0c815b5ad417301435de30ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124764

Malicious code in mongoose-html-webpack-plugin-leda-semantic-ui npm...

EUVD-2025-114847

Malicious code in cross-env-optimize-css-assets-webpack-plugin-dependencies-nightwatch npm...

Malicious code in terser-webpack-plugin-dotenv-safe-bulma-foundation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 393c86a40c20147d13ec71247ee073c845eddb0438bcca90cd59b24989b70662 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in geckodriver-lyra-terser-webpack-plugin-centauri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 574c8f5ff036967a5e3b226fc20d99ae1fecf14ea93e18b4e9863c82e5c82e5d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-121969

Malicious code in sirius-html-webpack-plugin-izar-europa npm...

EUVD-2025-122694

Malicious code in release-it-node-sass-browserify-css-minimizer-webpack-plugin npm...

EUVD-2025-124502

Malicious code in nextjs-nestjs-html-webpack-plugin-vuetify npm...

EUVD-2025-115392

Malicious code in chariklo-winston-less-loader-optimize-css-assets-webpack-plugin npm...

EUVD-2025-121574

Malicious code in subscription-css-minimizer-webpack-plugin-carpo-lynx npm...

EUVD-2025-123861

Malicious code in pegasus-terser-webpack-plugin-less-loader-atlas npm...