EUVD-2025-112003

Malicious code in karma-heka-shelljs-css-minimizer-webpack-plugin npm...

EUVD-2025-121991

Malicious code in shelljs-warp-mongoose-betelgeuse npm...

EUVD-2025-112723

Malicious code in hugo-io-commitizen-shelljs npm...

EUVD-2025-124456

Malicious code in nightwatch-element-ui-wezen-shelljs npm...

EUVD-2025-122959

Malicious code in quasar-xanadu-ophiuchus-shelljs npm...

EUVD-2025-124573

Malicious code in nebula-meissa-shelljs-local npm...

EUVD-2025-122003

Malicious code in shelljs-markdown-webdriver-mocha-prettier-stylelint npm...

EUVD-2025-111441

Malicious code in magellan-webdriverio-shelljs-inquirer npm...

EUVD-2025-120736

Malicious code in vortex-vulcan-commitlint-config-angular-shelljs npm...

EUVD-2025-111607

Malicious code in loglevel-hydra-lyra-shelljs npm...

EUVD-2025-121218

Malicious code in toml-flare-shelljs-subscription npm...

EUVD-2025-113955

Malicious code in eridanus-shelljs-oberon-epimetheus npm...

EUVD-2025-111179

Malicious code in meteor-shelljs-miranda-oauth npm...

MAL-2025-141109 Malicious code in cordelia-shelljs-gulp-optimize-css-assets-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7027c32eb0a3ba723ebe11ca4df1274d19f003ef78d0984d760230a9baaef860 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141329 Malicious code in css-minimizer-webpack-plugin-meissa-shelljs-tailwindcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ea601fe32f2986c24cf6764da27b039900a4f81ff22922b1697d5543d1533f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140425 Malicious code in carina-rocket-shelljs-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca87fececdbfe1c01f7b543ecf0508dc2cdcadff80d76f5c99691cfd4d27abfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-116338

Malicious code in avior-cz-conventional-changelog-shelljs-zenobia npm...

EUVD-2025-114780

Malicious code in css-minimizer-webpack-plugin-meissa-shelljs-tailwindcss npm...

EUVD-2025-122000

Malicious code in shelljs-nightmare-perseus-elektra npm...

EUVD-2025-121992

Malicious code in shelljs-ursa-fornax-luna npm...