Malicious code in startrek-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 677916f3c3652c9c9adf72499bd52d0411e53c57df7ff1a301df7dfb9d64474d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview startrek-client is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package w...