EUVD-2025-112816

Malicious code in hercules-shelljs-xerxes-janus npm...

EUVD-2025-121995

Malicious code in shelljs-sedna-kaus-callback npm...

EUVD-2025-111231

Malicious code in metalsmith-nashira-antares-shelljs npm...

EUVD-2025-121020

Malicious code in ultra-shelljs-aether-jasmine npm...

EUVD-2025-124435

Malicious code in nightwatch-shelljs-optimize-css-assets-webpack-plugin-meissa npm...

EUVD-2025-116663

Malicious code in antares-shelljs-vega-version npm...

EUVD-2025-116563

Malicious code in aquarius-markdownlint-shelljs-arcturus npm...

EUVD-2025-122016

Malicious code in shelljs-airbnb-morgan-protractor npm...

EUVD-2025-122000

Malicious code in shelljs-nightmare-perseus-elektra npm...

Malicious code in shelljs-csv-antares-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57e0289f23944cbef7e11f6498fa51536ecbbbd7d2ea016eb28509e35c602277 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123208

Malicious code in proxima-figures-axios-shelljs npm...

MAL-2025-147913 Malicious code in shelljs-farout-indus-version (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73d33e3ffe2787112ac2001ee15ede2dc2229ab29e8c9e967d06ea9ab158c0c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-122015

Malicious code in shelljs-ariel-ophiuchus-sails npm...

EUVD-2025-112618

Malicious code in hyperion-pino-pretty-levels-shelljs npm...

EUVD-2025-122002

Malicious code in shelljs-mongodb-eridanus-gemini npm...

EUVD-2025-123352

Malicious code in process-shelljs-neptune-taurus npm...

EUVD-2025-111745

Malicious code in levels-yaml-build-shelljs npm...

EUVD-2025-122879

Malicious code in rate-limiter-lynx-shelljs-gulp npm...

EUVD-2025-114598

Malicious code in delphinus-ariel-apex-shelljs npm...

MAL-2025-140120 Malicious code in bootstrap-shelljs-enif-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5d6bce3ea521ea3b8fa5d1f0d8d3c503d7a97fd2f7dc25e2a87d579491600c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...