0.001 Low
EPSS
Percentile
39.8%
discordi.js is a malicious package. Upon installation, the package attempts to discover a user’s discord login credentials and sends them to pastebin.
nodesecurity.io/advisories/545