MAL-2025-19413 Malicious code in electorn (npm)

The package electorn was found to contain malicious code...

Malicious code in electorn (npm)

The package electorn was found to contain malicious code...

Malicious Package

electorn is a malicious package. The package exfiltrates IP, IP-based geolocation, home directory name, and local username through a preinstall script during installation...

GHSA-38HX-3542-8FH3 Malicious code in `electorn`

npm packages loadyaml and electorn were removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local...