Malicious code in react-screen-reader-announce (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc94449e1dfbaea67fc7604cd192d90a355930f498364278937ae27e64050540 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview react-screen-reader-announce is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...