Severity: critical

    Malicious Package



    This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.


    Remove the package from your environment. There are no indications of further compromise.

    Have content suggestions? Visit

    Advisory timeline

    1. published

      Advisory Published
      Aug 30th, 2019
    2. reported

      Reported by Tran Viet Quang, Veracode
      Aug 30th, 2019