402 matches found
EUVD-2025-112731
Malicious code in hugo-chalk-rigel-phoebe npm...
EUVD-2025-112725
Malicious code in hugo-elektra-quantum-wasat npm...
EUVD-2025-112706
Malicious code in hugo-tool-ignite-materialize npm...
EUVD-2025-116118
Malicious code in betelgeuse-hugo-promise-envconfig npm...
EUVD-2025-112926
Malicious code in hapi-jovian-hugo-umbriel npm...
Malicious code in hugo-mira-node-sass-nashira (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e53c2ce75884a9a6585371f9a0621f88401c19a99cbc6608575c06f39381bca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-112730
Malicious code in hugo-chariklo-oauth-carina npm...
Malicious code in gridsome-auriga-hugo-query (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5400b01f0a228464c1b8d83ed4a3fbf00d7d6e8f83f717883a54a3e3fc49282c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-123813
Malicious code in perseus-procyon-hugo-ophiuchus npm...
MAL-2025-143393 Malicious code in hugo-mira-xenon-adonis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f7a07bb677957e70e2e949bba1c9e54ec32c7b5400c60f5cab5c2aa33b223c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146903 Malicious code in quantum-hugo-markdown-pdf-registry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08adf1c75f567cd583cfb7d669a22e2738f99135d6c5403ab383e0c51a6389f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142543 Malicious code in fomalhaut-hugo-rollup-plugin-concurrently (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a74d06ffce784053f018ae7e3a21129547d5cdfba1edf9f5677c976fc3e6855a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147449 Malicious code in rimraf-dotenv-safe-wasat-hugo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ccf289cbd205a33d2d44a901a7c9891a58d1e2ea2e6bcbdfbbeecc2e82fd0c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-149159 Malicious code in virgo-hugo-vega-heka (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c502d4249c975a4bab93ef877ebd30cc2c9b3b46eb73351f5d2bf350f758b9a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-111588
Malicious code in loop-hugo-cz-conventional-changelog-markdown npm...
EUVD-2025-111497
Malicious code in lyra-wasat-hugo-nashira npm...
EUVD-2025-111194
Malicious code in meteor-node-config-hugo-fomalhaut npm...
EUVD-2025-112580
Malicious code in ignite-xenos-uglify-js-hugo npm...
EUVD-2025-112566
Malicious code in impulse-hugo-hermes-tailwindcss npm...
EUVD-2025-112489
Malicious code in init-hugo-markdownlint-hydra npm...