MAL-2022-3699 Malicious code in http-proxy-middelware (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 65e99094fb073abe6ba8b6c790b2c93d2ac8cb7154d1d0f104fcc995e14bfabd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview All versions of http-proxy-middelware contain malicious code. The index.js file attempts to download a file from a remote server and execute it. The file is not run upon installation - the package needs to be required or the index.js run manually. The package contains a typo in its code...