EUVD-2025-121373

Malicious code in terser-webpack-plugin-materialize-hugo-neptune npm...

EUVD-2025-122622

Malicious code in request-loglevel-webdriver-mocha-hugo npm...

EUVD-2025-122234

Malicious code in schema-arcturus-relay-hugo npm...

EUVD-2025-122215

Malicious code in scorpius-deimos-hugo-csv npm...

EUVD-2025-122155

Malicious code in sedna-hugo-webdriver-manager-centauri npm...

EUVD-2025-123539

Malicious code in postcss-chalk-cassini-hugo npm...

EUVD-2025-123519

Malicious code in postcss-loader-nightwatch-hugo-tethys npm...

EUVD-2025-123305

Malicious code in procyon-supervisor-mongoose-hugo npm...

EUVD-2025-123199

Malicious code in proxima-mdx-hugo-draco npm...

EUVD-2025-123127

Malicious code in publish-miranda-hugo-hermes npm...

EUVD-2025-123045

Malicious code in pyxis-halley-hugo-unuk npm...

EUVD-2025-123019

Malicious code in quantum-hugo-markdown-pdf-registry npm...

EUVD-2025-124047

Malicious code in optimize-css-assets-webpack-plugin-yildun-hugo-nova npm...

EUVD-2025-123989

Malicious code in package-hugo-event-impulse npm...

EUVD-2025-123922

Malicious code in pavo-hugo-winston-iota npm...

Malicious code in xml-perseus-hugo-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc55b3380923a446f1f22ae46d93a9bac5996bffd9c7f77b2435786fad188cd9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113370

Malicious code in fusion-non-blocking-hugo-commitlint npm...

EUVD-2025-113159

Malicious code in global-writable-hugo-yonder npm...

EUVD-2025-113079

Malicious code in gridsome-auriga-hugo-query npm...

EUVD-2025-113075

Malicious code in gridsome-dependencies-hugo-ganymede npm...