It pays to be a forever student

Welcome to this week's edition of the Threat Source newsletter. If I haven't said it in a newsletter before, I'll say it now: If you want to be good at cybersecurity, be a forever student. Cultivating and feeding your desire to know how things work is one of the key ingredients to being a hacker...

PT-2026-23185

Name of the Vulnerable Software and Affected Versions TheBi versions through 1.0.5 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, which can lead to Reflected Cross-Site Scripting XSS. This allows an attacker to inject malicious...

EUVD-2025-176679

Malicious code in resolvers-forever-mongoose-multiverse npm...

EUVD-2025-178872

Malicious code in forever-cypress-public-package npm...

EUVD-2025-178873

Malicious code in forever-cygnus-postcss-jwt npm...

EUVD-2025-178867

Malicious code in forever-webpack-whitedwarf-nextjs npm...

EUVD-2025-179315

Malicious code in despina-kastra-forever-supervisor npm...

MAL-2025-188117 Malicious code in mongoose-wolf-deimos-forever (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 278e4a12ef49eb23953dc1bea73ef37ad5b5174a325aaebbabb2faba7c8c204b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179994

Malicious code in bootstrap-forever-uranology-colors npm...

EUVD-2025-177765

Malicious code in mongoose-wolf-deimos-forever npm...

MAL-2025-188018 Malicious code in meteor-command-warp-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8178667f4cc481bfbb71a61023a72f4c670447ad57a44be40c3aab68de2cac2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179981

Malicious code in boson-forever-leda-pegasus npm...

EUVD-2025-178869

Malicious code in forever-npm-sociobiology-cassini npm...

EUVD-2025-179553

Malicious code in cosmiconfig-fermiparadox-parsec-forever npm...

EUVD-2025-177066

Malicious code in prettier-registry-forever-prettier-plugin-markdown npm...

Malicious code in forever-cypress-public-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86d8f2b7403fb7a57f1c5c0016932bfade7e558ec54a15aa56686d6a7431ea8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177692

Malicious code in nconf-gemini-webdriver-mocha-forever npm...

EUVD-2025-178866

Malicious code in forever-zephyr-pavo-slides npm...

EUVD-2025-178871

Malicious code in forever-heka-polaris-elektra npm...

MAL-2025-189965 Malicious code in transform-forever-quantum-computing-archaeoastronomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 670dab104ace8220a6a4d15814c89357d5aee51b5d8f63e9d6df78d1ce4735a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...