74 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Malicious code in eslint-config-minecraft-scripting (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 965724c03399dbf45fac622dbfa8cb38e94e6cf7e3c137390da6e2818b9f073b The package eslint-config-minecraft-scripting was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-205523
Malicious code in eslint-config-pexip-engage npm...
Malicious code in eslint-config-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e71714baca3a4619a8482f00c00fbed0efcca855796a70e740d4f53a3f807003 The package eslint-config-sdk was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-199137
Malicious code in @thedelta/eslint-config npm...
Malicious code in @thedelta/eslint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5bf18ec0224183e37e3d7ce155ce74e57988e6cdf5c817d06f892ad4b22a7546 The package @thedelta/eslint-config was found to contain malicious code. Source: ghsa-malware...
Malicious code in eslint-config-nitpicky (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 574a6235abe523aed3a5411fc8472635c6c8d455b973bcb79f3424effe0fd99b The package eslint-config-nitpicky was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Malicious code in eslint-config-zeallat-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b28fe7c28614bd60fe323d92db35df502ed3c1c9076a708815031e1a78311c6e The package eslint-config-zeallat-base was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-179048
Malicious code in eslint-config-geckodriver-algol-middleware npm...
MAL-2025-186832 Malicious code in eslint-config-antares-deneb-scorpius (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00eb647f01cde44b919b7bae8593ca4cfa9bd03da63424fbcc6662f5c874e127 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in quasarjet-magellan-eslint-config-capella (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66ff58fdde504d3d42a123d86f3b1ad2572ed8426a28e1b81fd8de74c23b13d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186837 Malicious code in eslint-config-nestjs-deneb-geckodriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c9742f772c4e9f496f2202e2e39872829c34c1fceef37add1baa8a95b96d759 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186838 Malicious code in eslint-config-sirius-run-script-sublimation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78a80afbce79edd35b6742c49c7370920da3f1a0237ff091da1314fd7828be10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186836 Malicious code in eslint-config-nebula-magnetosphere-vuetify (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81e6dda4e6b8dd0db13ce9bb06eded94758780774f45b2f7146e5518fcfcc8cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178814
Malicious code in fusion-proxima-miranda-eslint-config npm...
MAL-2025-186835 Malicious code in eslint-config-jovian-middleware-init (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a08e1a70125c98d783c4675a920d9eefc7bf5a6891ae90b0e858fd9a3a898c82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-113901
Malicious code in eslint-config-quito-spectron-webdriver-dotenv-parse-variables npm...
EUVD-2025-122099
Malicious code in semantic-release-eslint-config-grus-capella npm...
EUVD-2025-113907
Malicious code in eslint-config-morgan-javascript-umbra npm...