2 matches found
Malicious Package
Overview cvs-components is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...
Malicious code in cvs-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f859cf18d15ca2e6fcb2e4d0ed1c41189cca40fe9eb55cc6e82b9eea86ad45a0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...