es-intquery (=1.1.5) potentially affected by unknown CVE via msc-terminal (=3.2.0)

msc-terminal NPM version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on msc-terminal and may be impacted: - es-intquery =1.1.5 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4823...

Malicious code in msc-terminal (npm)

Part of a multi-package malicious campaign, msc-terminal npm author nhpkevte1576 carries the same payload as eo-terminal and logger-draft — a fully-featured infostealer and remote access trojan RAT deployed via a postinstall hook. All three packages share the same C2 infrastructure and attack...