MAL-2025-146641 Malicious code in promise-graphql-start-superagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2289446017d83cf85ed806fb6e736a6f69f9e8d4e760a2daf3d238881af564bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eka-kue10-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47a330b3541b1f257622058b7ffaf9e94373c03c4680af91b835588b5837648d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in likely_gamefowl_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 244b20979aa8afe1e8eeaaf6601d5a73d6a8be90561f4e977caffe1682c8e8ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-100684 Malicious code in coloured_cheetah_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb59d53f9cc32c19c6fc0506faf401540efe863ede262a6d12211b50bcb8d02f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

@forgerock/openam-agent-cache-memcached (=2.0.0), @mapbox/tilelive-memcached (=1.0.1) +74 more potentially affected by CVE-2018-3767 via memjs (>=0.10.2 <=0.9.1)

memjs NPM version =0.10.2, =1.0.0, =0.0.0, =0.12.1, =0.0.1, =0.8.0, =0.1.0, =1.1.0, =1.1.1 and more Source cves: CVE-2018-3767 Source advisory: OSV:GHSA-CX8M-8XMX-Q8V3...