Malicious code in exrpess (npm)

The package exrpess was found to contain malicious code...

@tgticketing/common (>=1.0.2 <=1.0.25), pirvp (=1.0.0) potentially affected by unknown CVE via exrpess (=0.0.1-security)

exrpess NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on exrpess and may be impacted: - @tgticketing/common =1.0.2, =1.0.25 - pirvp =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-20101...