Malicious code in bootstrap-sass-official (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad2a7bd842611f44470a65604ac8bbe370ada242710bfe735059883033b680cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview bootstrap-sass-official is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...