EUVD-2025-123707

Malicious code in pino-cypress-nova-commitizen npm...

EUVD-2025-121224

Malicious code in toml-commitizen-mocha-epimetheus npm...

EUVD-2025-121027

Malicious code in ultra-nightwatch-commitizen-javascript npm...

EUVD-2025-115178

Malicious code in commitizen-fetch-leda-webpack npm...

EUVD-2025-112872

Malicious code in helios-quito-chai-commitizen npm...

EUVD-2025-111677

Malicious code in lint-fomalhaut-commitizen-pino npm...

EUVD-2025-112933

Malicious code in hapi-commitizen-update-semantic-release npm...

EUVD-2025-121223

Malicious code in toml-commitizen-vega-upgrade npm...

EUVD-2025-115158

Malicious code in commitizen-webdriverio-chalk-figures npm...

EUVD-2025-115653

Malicious code in carpo-tool-query-commitizen npm...

EUVD-2025-111582

Malicious code in loop-sails-commitizen-resolvers npm...

EUVD-2025-122086

Malicious code in semantic-release-sass-loader-commitizen-eslint-config npm...

Malicious code in commitizen-sirius-levels-supervisor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0d4da1d7df5154dbec6dc9e1b5df6c8a185d3ee33fc1050930d94bfe6457cd3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115179

Malicious code in commitizen-dotenv-safe-tool-virgo npm...

MAL-2025-140935 Malicious code in commitizen-less-loader-mysql-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1b0ecbb57fc6d6f24d993aca7226c40313a8afa4b924e0eff9c1058e3b64581 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142241 Malicious code in eslint-plugin-sadr-commitizen-testcafe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e2458790d8a94f3e458db7c76cae20f1c9bc1d93ef09dbcc916bf4b8947c51e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140925 Malicious code in commitizen-cache-spawn-vega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a0ef65d7296351d71c06f748a304a64aa2e5ce87ebd5092bc4ab6d793f938de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140942 Malicious code in commitizen-spectron-webdriver-resolvers-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f395643d9600a61aabe9f53d23f3b667c7024f70af1c64bf477d9fe481b95737 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144382 Malicious code in library-package-chalk-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fdbf6ed92e296a6b26f565bd7396b7fc643e1dbfbf8898ee400257e63159361 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124062

Malicious code in optimize-css-assets-webpack-plugin-commitizen-envconfig-charon npm...