Malicious code in qori-serimuka23-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d619d051c131eb2399c861de59695f752ad4d81ba36240daf18f25b97b70175c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-123504 Malicious code in tania-getuk100-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66c93eda5b74281b00652edd6b26dbd2c74de6c347e543b0991643246e0b75dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-122847 Malicious code in remarkable_fly_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e4ed7fa49d412dd704e133d61fed85ae81bf058ee8003660259255c06119692 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-124060 Malicious code in vida-teh27-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd8a28a117d94b4aec8730cc882f2e019235a8f24d84e39ec35c1ffb67aaffc2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-122725 Malicious code in putri-tempe83-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a08de25ba0575953b0ee57719e58a1e02338c0e86a962cb4e879f7b65ceb0bf8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Microsoft Patch Tuesday, November 2025 Security Update Review

Microsoft released its November Patch Tuesday Security Updates. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for November 2025 This month's release addresses 68 vulnerabilities, including five critical and 59 important-severity vulnerabilities. In this month's update...

EUVD-2025-93498

Time-of-check time-of-use race condition for some ACAT before version 3.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may potentially...

CVE-2025-59512

Improper access control in Customer Experience Improvement Program CEIP allows an authorized attacker to elevate privileges locally...

EUVD-2025-93445

Improper access control in Customer Experience Improvement Program CEIP allows an authorized attacker to elevate privileges locally...

CVE-2025-59512 Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability

...

CVE-2025-59512

Improper access control in Customer Experience Improvement Program CEIP allows an authorized attacker to elevate privileges locally...

EUVD-2025-84349

Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature...

Malicious code in bella-ubi90-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25c59f6189d5a371e50daf448c75f08c5c085f9727a6910c60f2b21790f4693b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cici-asinan65-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7031c8d265acf8114652cd7b8f0020b68375200bf6f5514e4c498124a3ba5625 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in established_camel_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcd343e48816a5ec3dc34c83f235c51fe05775d12b5ae3e7b20753fb1aa34879 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in excited_wombat_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deb8f00dd3c0ed798f5a58278ba0558504881697a262f2774e5b52c7ed01d187 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in familiar_bison_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c41b98204f1e842b8593a670479b85a9f1068bdf2854197be8407de563bd45a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lisa-lutis61-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95b600783572e01988b4abea4f463d98ff6043daf4526ce69320070e86b2d4e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in patria-nasisayur10-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24fd4f1fd2472b944dd896f6aee66789600a3949b745bc25dd9498ab0b3a1ea1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rina-mieayam9-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbb5a2b47c3001b6dcb5cf5c7e8665669e6885eeb3fec2eb9d9e79237460cff7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...