Malicious code in links-3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 870f8306aa2e95828fa2fdd771044248f7d5e8e715304b6818773620e5c7a1b2 The OpenSSF Package Analysis project identified 'links-3' @ 9.0.1 npm as malicious. It is considered malicious because: - The package communicat...

Malicious Package

Overview links-3 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...