Malicious code in electorn (npm)

The package electorn was found to contain malicious code...

MAL-2025-19413 Malicious code in electorn (npm)

The package electorn was found to contain malicious code...

Malicious Package

electorn is a malicious package. The package exfiltrates IP, IP-based geolocation, home directory name, and local username through a preinstall script during installation...

GHSA-38HX-3542-8FH3 Malicious code in `electorn`

npm packages loadyaml and electorn were removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local...