Malicious Package in js-sla3

2020-09-03T23:11:45
ID GHSA-H6M3-CX24-9626
Type github
Reporter GitHub Advisory Database
Modified 2020-09-03T23:11:45

Description

Version 0.8.0 contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user.

Recommendation

Remove the package from your environment. Ensure no Ethereum funds were compromised.