402 matches found
EUVD-2025-112464
Malicious code in inquirer-hugo-jupiter-envconfig npm...
EUVD-2025-112363
Malicious code in iota-wezen-sqlite-hugo npm...
Malicious code in ariel-zenobia-hugo-grunt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a9c0bbfdb2f4db105e962a12099bc5ed6eacdad8927eaeb93adf91598749009 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in capella-aether-hugo-command (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5114b87d35b47d073d6ed470df9f820bdb04e3a4dfb72dc3c23d035f79c27096 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in deneb-astro-xenon-hugo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c30df2abcf22f557c7023e22a337b453c8f6233b50a59cb850d624a11cabd466 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dependencies-hugo-phenomic-node-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0454cd7bff21becd48b42a36bec52d878743b10e639c0ddff5cea08ea8574357 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hexo-hugo-apollo-kronos (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16946d8f8da98f1687d1b1461a244ac238e04e289dfe13b355f2cdc196d724c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hugo-neptune-mui-terser-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d10eed867170bdb10f37fc7c4c60669789a3178c8f7dffdd348dd2f58ae32db1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hugo-prompts-install-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e323f5bb8d985d0dc02ff975746ce4d5f88126d9da820e1d55eb820e3a144653 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hugo-spectron-webdriver-oauth-husky (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d0ebeb42b34d178ed1859055aca3c46a2421dea6dab1676a05906f340af7f1f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hugo-spinner-optimize-css-assets-webpack-plugin-luna (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef6530f326f3a9376699cc3340f33a0ee974cd41b8673b2e9ce2bf4aacce3bc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hugo-tethys-mini-css-extract-plugin-ceres (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7dbc624650bc0b3834c7a8d66f0048884cd10d0c3ba1da0fb8be592def28e9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in proxima-mdx-hugo-draco (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f61776310ad21e449a4587721604572505e76234f8384ee96d1dcd2ce81c2a86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in quantum-hugo-markdown-pdf-registry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08adf1c75f567cd583cfb7d669a22e2738f99135d6c5403ab383e0c51a6389f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rimraf-morgan-hugo-quark (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff18a072eb34f9cbc9d7f1976d7bf811c57d791fdd1e5e63e36e842ed1b7936c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-112703
Malicious code in hugo-yonder-bellatrix-mensa npm...
EUVD-2025-112710
Malicious code in hugo-spectron-webdriver-oauth-husky npm...
EUVD-2025-115559
Malicious code in centaurus-protractor-pegasus-hugo npm...
EUVD-2025-122266
Malicious code in sails-nodemon-apollo-hugo npm...
EUVD-2025-116186
Malicious code in barnard-perseus-hugo-nuxtjs npm...