Severity: critical

    Malicious Package

    axios-http

    Overview

    This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.

    Remediation

    Remove the package from your environment. There are no indications of further compromise.

    Have content suggestions? Visit npmjs.com/support.

    Advisory timeline

    1. published

      Advisory Published
      Aug 30th, 2019
    2. reported

      Reported by Tran Viet Quang, Veracode
      Aug 30th, 2019