Severity: critical

Malicious Package



This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.


Remove the package from your environment. There are no indications of further compromise.

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. published

    Advisory Published
    Aug 30th, 2019
  2. reported

    Reported by Tran Viet Quang, Veracode
    Aug 30th, 2019