Malicious code in bluehost-wordpress-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 130f9a8e36740fd2a40d384f49218d898cfa0a619be16a71621770c1eed31c15 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview bluehost-wordpress-plugin is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...