EUVD-2025-176585

Malicious code in run-script-juno-supernova-commitlint npm...

EUVD-2025-177526

Malicious code in nova-quantum-protractor-commitlint npm...

EUVD-2025-178969

Malicious code in exoplanetology-link-commitlint-prosthetics npm...

EUVD-2025-180113

Malicious code in bellatrix-mira-europa-commitlint npm...

Malicious code in loopback-remark-cordelia-commitlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d03050b2cb2866d7de11164971c4591795fadadb14bdf9da6411cc366238b169 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187493 Malicious code in inquirer-winston-commitlint-cosmiconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8d8803b934bddaa10af678e2f1095520a0c5df75893b63ef2fb45b3564318c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179631

Malicious code in commitlint-config-angular-init-miranda-luna npm...

EUVD-2025-179831

Malicious code in centauri-lyra-prompts-commitlint npm...

MAL-2025-186248 Malicious code in commitlint-config-angular-forever-dotenv-parse-variables-google (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e8eabd8ef0a60fb9207674e7219976cda9db0950935484582aa5086ac905614 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115111

Malicious code in commitlint-xerxes-deimos-adonis npm...

EUVD-2025-115143

Malicious code in commitlint-config-angular-jest-update-neptune npm...

MAL-2025-140970 Malicious code in commitlint-config-angular-pegasus-xenos-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9c2051b79f90232311e21a77400bf1024281ed15567f280e1ecad0578366fd9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145028 Malicious code in miranda-dactyl-nextjs-commitlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b54d228656bd30c22129a576bd60a948554c53a18f40744adf0046d7568bc647 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-114579

Malicious code in delphinus-titan-ora-commitlint npm...

EUVD-2025-115151

Malicious code in commitlint-config-angular-babel-tethys-sirius npm...

EUVD-2025-122005

Malicious code in shelljs-library-development-commitlint npm...

EUVD-2025-121789

Malicious code in spectron-webdriver-oauth-spectron-webdriver-commitlint npm...

EUVD-2025-115147

Malicious code in commitlint-config-angular-dactyl-tailwindcss-npm npm...

EUVD-2025-115152

Malicious code in commitlint-config-angular-apollo-sequelize-karma npm...

Malicious code in commitlint-config-angular-webpack-wasat-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b38732bb40f27e5ef5078f17e319f036a03a4a5baf07946c9d5ae86538d5462 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...