665 matches found
Malicious code in html-webpack-plugin-hyperion-vulcan-neptune (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b341a0c15bb2ca0e6a7ae84ac4e02681230227fc30a00d3a2f1af1c0d6f4f74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-123264
Malicious code in promise-yildun-html-webpack-plugin-mocha npm...
Malicious code in dynamo-kronos-loop-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1facc111643156c60818083a3221391ae68c90805f74a1411946c0be5cc3821 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in html-webpack-plugin-sedna-css-loader-nebula (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e51b8fdb4d679e44dce5f94d31b2b02d247d6d9cadee2a0d6ef9711492a2d56a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in html-webpack-plugin-astro-blitz-procyon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dd60d4c15ba4743a5534b1eb8ea3d9e85b07a6b0c815b5ad417301435de30ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-123287
Malicious code in promise-cressida-link-html-webpack-plugin npm...
EUVD-2025-114777
Malicious code in css-minimizer-webpack-plugin-pm2-react-bootstrap-webdriverio npm...
EUVD-2025-124082
Malicious code in ophiuchus-rest-pyxis-html-webpack-plugin npm...
EUVD-2025-121773
Malicious code in spica-capella-optimize-css-assets-webpack-plugin-local npm...
MAL-2025-144700 Malicious code in markdown-pdf-optimize-css-assets-webpack-plugin-ursa-envconfig (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deb6fa6a40691312a14cdb3ec297911446378ff71f510e643208327979aae313 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148152 Malicious code in spica-capella-optimize-css-assets-webpack-plugin-local (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89f124e4d557c8feabc6de44830d46d279b20eda791ae7444d095204eba1dc2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144905 Malicious code in meteor-corvus-heka-terser-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 479cdad0f54173ac42f22e183a69a52bf1784726c75ba6dc76eb8c6b38dab700 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146635 Malicious code in promise-cressida-link-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55087f73e61906bf5e0de5f431ab2561dc61d4dc847696b9b09fb2b7b812ef23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144486 Malicious code in local-fork-postgres-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a55b74dedb1f55e866a3e57ff1b1150151ebfce27b4a2d1e0fa1033db37c196 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148352 Malicious code in subscription-css-minimizer-webpack-plugin-carpo-lynx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4650e80b2c1aaee9d51649d798ab8b1dcd57d9d7758ab69e3f31252ae44e3485 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145108 Malicious code in module-lint-rehype-optimize-css-assets-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2939b8efc57b0447f1e6a1c6ac30eb1b3c5f6a835d155211f5ef7e8a4b2a4009 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-149261 Malicious code in warp-avior-html-webpack-plugin-webpack (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b11f9b6bfc7e569e71fb19a7e5a3323ecd22de9a47e30dbccd610e408eebd4c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143365 Malicious code in html-webpack-plugin-janus-nightwatch-epimetheus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2bdd909093acd269050ee6c34672fc6bcb6d1f7880dc777e24bb979bea04124 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in vue2-script-ext-html-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 747331ee9a0695a63f863ebc84ad9508b515a9c8dfe77477314ff8de5a5aba40 The package vue2-script-ext-html-webpack-plugin was found to contain malicious code...
EUVD-2025-37270
Malicious code in vue2-script-ext-html-webpack-plugin npm...