Malicious code in eslint-plugin-superhuman-custom-rules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e50258e14acd3712854f3059d043b8c4982563ab8d401555b253702a3212279 The package eslint-plugin-superhuman-custom-rules was found to contain malicious code...

EUVD-2026-3169

Malicious code in eslint-plugin-fuel-react npm...

EUVD-2025-176037

Malicious code in technosignature-eslint-plugin-deimos-stop npm...

MAL-2025-142206 Malicious code in eslint-config-prettier-plugin-markdown-zephyr-airbnb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81b3ef52b43da2fe6d4c198943373ceb6eaaa3a2711589e609220e6dcda6cf2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eslint-plugin-amphtml-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35f43ba909b0b64bd2035c4e01d64c2f6f506ee7a3be8161a2c16aeb01d93863 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...