3 matches found
MAL-2022-5843 Malicious code in rondo-saga (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c834b76d7f6c4c27ff4b6eddb1526e4bbdf0776789432acdb0f8c715fd2cabb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in rondo-saga (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c834b76d7f6c4c27ff4b6eddb1526e4bbdf0776789432acdb0f8c715fd2cabb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview rondo-saga is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...