Version 1.2.2 of `font-scrubber` contains malicious code that attempts to upload sensitive files to a remote server. Systems with this package should be considered fully compromised. Secrets and keys must be rotated immediately. Removing the package does not guarantee removal of all malicious software
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo