402 matches found
EUVD-2025-178499
Malicious code in hugo-capella-janus-nucleosynthesis npm...
EUVD-2025-178498
Malicious code in hugo-mini-css-extract-plugin-ophiuchus-convict npm...
EUVD-2025-178497
Malicious code in hugo-miranda-prettier-stylelint-xenon npm...
EUVD-2025-178496
Malicious code in hugo-nashira-boson-passport npm...
EUVD-2025-178495
Malicious code in hugo-plutology-comet-cluster npm...
EUVD-2025-178494
Malicious code in hugo-unuk-leda-altair npm...
EUVD-2025-178493
Malicious code in hugo-wavefunction-dotenv-parse-variables-parallax npm...
EUVD-2025-178404
Malicious code in init-parcel-run-script-hugo npm...
EUVD-2025-179460
Malicious code in css-minimizer-webpack-plugin-hugo-gemini-command npm...
EUVD-2025-179172
Malicious code in elektra-xml-grus-hugo npm...
EUVD-2025-180308
Malicious code in asteroid-winston-eclipse-hugo npm...
EUVD-2025-180056
Malicious code in biomimicry-kuiperbelt-castor-hugo npm...
EUVD-2025-179979
Malicious code in boson-hugo-cosmology-mineralogy npm...
EUVD-2025-177170
Malicious code in pino-pretty-kuiperbelt-vulcan-hugo npm...
Malicious code in hugo-nashira-boson-passport (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 728679d568943b8e701a38466dcaf011a95064ea258b5e16ed806bdee8ef90f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177701
Malicious code in native-izar-hugo-start npm...
MAL-2025-187382 Malicious code in hugo-build-configstore-rollup-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9153c124f5d5e6316c12ad12d229ee3d86fb12c8b46821aa50e1b4c2d6c78a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-179288
Malicious code in docusaurus-hugo-uglify-js-dione npm...
MAL-2025-187389 Malicious code in hugo-wavefunction-dotenv-parse-variables-parallax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ecf14a07cd348f4aef4bf71dd063f333aee890c7b9fffa4af049cac1d997ef9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187386 Malicious code in hugo-nashira-boson-passport (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 728679d568943b8e701a38466dcaf011a95064ea258b5e16ed806bdee8ef90f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...