Malicious code in lookingan-namalaka67 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd806b67baebd1cfd6aa40fb643606cdc0dd1d11fb42a85be9e10f5a0404d108 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in personal_boar_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c85c16d187e5cbbf0b8b23fd0c771209856007eea7f6b88ca58e9dc39be0d05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rifqi-kupat13-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa9507743fe6d94ae5f9a90c7dfd113c5ae1d842f125f89cfdb4dc95f5db3ed0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-93269 Malicious code in arrogant_cardinal_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fceab05bb9d4b993d603b74e45af407d25ce25a2849453da4a8178a62b74479 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-88077 Malicious code in lutfi-sambel36-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f00855837dda4b3a9ede9f260aa28a011a1092f28dcc1745539c58c7b5d161a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in nana-lengko81-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af1a5f3a545c8c75e1aea0da49cc84aecf60c84f1efbf5ec8698f6786a517c71 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2024-54508

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash...

Vulnerabilities fixed in RoundCube Webmail

Vulnerabilities have been fixed in RoundCube Webmail. A malicious party could exploit the vulnerabilities to launch a Cross-Site Scripting attack. Such an attack could lead to execution of arbitrary code in the victim's browser, or access to sensitive data in the context of the victim's browser...

Vulnerabilities fixed in Node.js

Vulnerabilities have been fixed in node.js. A malicious party can exploit the vulnerabilities to bypass security measures and thus gain access to modules and code for which which it is not authorized. Also, the malicious party can cause a Denial-of-Service, or through host header injection...