@cyberhub/trust-event-stream 1.0.8 → 1.0.10

package/README.md

@@ -6,7 +6,7 @@
 
 ## TL;DR
 
-- **1 vulnerability found** (1 critical, 0 high)
+- **Security incident detected** — compromised via account takeover/sabotage
 - Consider switching to **highland** (High-level streams library)
 - Pin your version and monitor for changes
 
@@ -26,8 +26,8 @@ Community:         █████████░░░░░░░░░░░
 ### Why this score?
 
 - Maintainer Trust is 44 because: single maintainer (bus factor risk), maintainer changes detected
-- Supply Chain is 39 because: 1 known CVEs, in breach database
-- Community is 46 because: no GitHub repo found
+- Supply Chain is 39 because: 1 security incident(s) in breach database, in breach database
+- Community is 46 because: no public GitHub repo linked (may be private or on another platform)
 
 ## ⚠️ Security Incident
 
@@ -36,7 +36,7 @@ This package was compromised via account takeover/sabotage (no CVE assigned). Se
 ## Key Risk Flags
 
 - 🔴 **CRITICAL**: HISTORICAL BREACH: Malicious code injected via flatmap-stream (2018)
-- 🔴 **CRITICAL**: 1 CRITICAL vulnerability(ies) from live CVE databases
+- 🔴 **CRITICAL**: 1 CRITICAL security incident from breach database (no CVE assigned)
 - 🟠 **HIGH**: Primary maintainer account is less than 6 months old (0 days)
 - 🟠 **HIGH**: Maintainer(s) removed in v4.0.0: dominictarr
 - 🟠 **HIGH**: Burst publishing detected — 5+ versions in a single day

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@cyberhub/trust-event-stream",
-  "version": "1.0.8",
-  "description": "Security Trust Report: event-stream@4.0.1 — 54/100 (C, standard). 1 vulnerability found. Maintainer risk, supply chain analysis from 8 security databases.",
+  "version": "1.0.10",
+  "description": "Security Trust Report: event-stream@4.0.1 — 54/100 (C, standard). Security incident detected. Maintainer risk, supply chain analysis from 8 security databases.",
   "keywords": [
     "event-stream",
     "event-stream",