Malicious code in webpack-cli.legacy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 22737261df7f74819a3f3f968e6516db5e37f6621827d6148b290f7650b9992f The OpenSSF Package Analysis project identified 'webpack-cli.legacy' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

Malicious Package

Overview webpack-cli.legacy is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packag...