Malicious code in markdownlint-cli2-fix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca7d5154ecbbcc636198bd2314e1916e5f0673d37ab7b14caca2ea96ad5ac5e1 Package name 'markdownlint-cli2-fix' impersonates the popular 'markdownlint-cli2' linter but contains no linter functionality — the README states...

Malicious Package

Overview markdownlint-rule-link-pattern is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...

MAL-2026-2633 Malicious code in markdownlint-rule-link-pattern (npm)

Malicious package due to data exfiltration via preinstall, test and preupdate scripts using wget to send user, path, and hostname to a remote server. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c5ffad19a9d8a62d1ee2a266767e609ffeba74597b50248d751b28cdffae844...

Malicious code in markdownlint-rule-link-pattern (npm)

Malicious package due to data exfiltration via preinstall, test and preupdate scripts using wget to send user, path, and hostname to a remote server. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c5ffad19a9d8a62d1ee2a266767e609ffeba74597b50248d751b28cdffae844...

Malicious code in markdownlint-cli2-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 655d6053e439a95c848bd57cd41cba21de94f230903346b885b527082e131915 The package markdownlint-cli2-action was found to contain malicious code...

EUVD-2025-200053

Malicious code in markdownlint-cli2-action npm...

MAL-2025-191516 Malicious code in markdownlint-cli2-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 655d6053e439a95c848bd57cd41cba21de94f230903346b885b527082e131915 The package markdownlint-cli2-action was found to contain malicious code...

EUVD-2025-175530

Malicious code in writable-jovian-pino-markdownlint npm...

EUVD-2025-175738

Malicious code in venus-dactyl-publish-markdownlint npm...

EUVD-2025-176011

Malicious code in terser-antares-markdownlint-telesto npm...

EUVD-2025-175528

Malicious code in xanadu-dotenv-safe-markdownlint-materialize npm...

EUVD-2025-175521

Malicious code in xanthus-dotenv-safe-markdownlint-xerxes npm...

EUVD-2025-177619

Malicious code in nextjs-google-transport-markdownlint npm...

EUVD-2025-177338

Malicious code in palynology-ultra-biomimicry-markdownlint npm...

EUVD-2025-177944

Malicious code in markdownlint-rollup-loglevel-toml npm...

EUVD-2025-178073

Malicious code in lint-markdownlint-sedimentology-winston npm...

EUVD-2025-179146

Malicious code in enceladus-quantumfoam-markdownlint-lightyear npm...

EUVD-2025-177291

Malicious code in pavo-xenon-markdownlint-enceladus npm...

EUVD-2025-178577

Malicious code in heka-markdownlint-rollup-node-config npm...

Malicious code in markdownlint-rollup-loglevel-toml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbc9bcd9f7f8ab3bac1cfef2c4e32342014982407e7e69dedb4ebd4e42256d0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...