Malicious Package in sdfjghlkfjdshlkjdhsfg. All versions of `sdfjghlkfjdshlkjdhsfg` contain malicious code. The package is essentially a worm that fetches all packages owned by the user, adds a script to self-replicate as a preinstall script and publishes a new version
Source | Link |
---|---|
npmjs | www.npmjs.com/advisories/1072 |
github | www.github.com/advisories/GHSA-gcfc-mgg3-8j2c |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo