MAL-2022-552 Malicious code in @radancy/dropr-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7d65597a378ae68da60c52477f431ecb3d0daa36792a77237f19d562ea7a04d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview @radancy/dropr-client is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...