Name of the Vulnerable Software and Affected Versions momen (affected versions not specified)

Description The momen package is a typosquatted version of a popular package with a similar name. It tracks users who have installed the incorrect package and uploads information to a remote server, including the name of the downloaded package, the name of the intended package, the Node version, and whether the process is running as sudo. There is no further compromise.

Recommendations Remove the momen package from your dependencies. Always ensure package names are typed correctly upon installation.